SRG-APP-000516-CTR-001335 Controls

STIG IDVersionTitleProduct
CNTR-OS-001060V2R4OpenShift must continuously scan components, containers, and images for vulnerabilities.Red Hat OpenShift Container Platform
CNTR-K8-003260V2R4The Kubernetes etcd must have file permissions set to 644 or more restrictive.Security Requirements Guide - Kubernetes
CNTR-K8-003270V2R4The Kubernetes admin kubeconfig must have file permissions set to 644 or more restrictive.Security Requirements Guide - Kubernetes
CNTR-K8-003280V2R4Kubernetes API Server audit logs must be enabled.Security Requirements Guide - Kubernetes
CNTR-K8-003290V2R4The Kubernetes API Server must be set to audit log max size.Security Requirements Guide - Kubernetes
CNTR-K8-003300V2R4The Kubernetes API Server must be set to audit log maximum backup.Security Requirements Guide - Kubernetes
CNTR-K8-003310V2R4The Kubernetes API Server audit log retention must be set.Security Requirements Guide - Kubernetes
CNTR-K8-003320V2R4The Kubernetes API Server audit log path must be set.Security Requirements Guide - Kubernetes
CNTR-K8-003330V2R4The Kubernetes PKI CRT must have file permissions set to 644 or more restrictive.Security Requirements Guide - Kubernetes
CNTR-K8-003340V2R4The Kubernetes PKI keys must have file permissions set to 600 or more restrictive.Security Requirements Guide - Kubernetes
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.