-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for CIS OpenShift 1.6 Benchmark #1682
base: main
Are you sure you want to change the base?
Conversation
@@ -13,7 +13,7 @@ groups: | |||
type: "manual" | |||
audit: | | |||
#To get a list of users and service accounts with the cluster-admin role | |||
oc get clusterrolebindings -o=customcolumns=NAME:.metadata.name,ROLE:.roleRef.name,SUBJECT:.subjects[*].kind | | |||
oc get clusterrolebindings -o=custom-columns=NAME:.metadata.name,ROLE:.roleRef.name,SUBJECT:.subjects[*].kind | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This was a typo in the benchmark. I was comparing both the standards when I identified this. The type is marked as manual
, so wasn't caught earlier.
2873eea
to
d2041f5
Compare
Hi @afdesk @mozillazg, |
Hi @deebhatia! |
ac899d1
to
c8d2de5
Compare
Hi @afdesk, Can you please take some time out and review it? |
This adds support of CIS OpenShift 1.6 Benchmark.
Closes #1457
CIS Benchmark Link
https://workbench.cisecurity.org/benchmarks/16094
CIS Blog mentioning the OpenShift 4.15 release version
https://www.cisecurity.org/insights/blog/cis-benchmarks-july-2024-update#CISRedHatOpenShiftContainerPlatformBenchmarkv1.6.0
Sample Run
Command Used
kube-bench run --json --version ocp-4.16
Report
1_6_results.json