Related information
- 2.1.1 - Enable audit logs (automated)
- 3.2.1 - Ensure that anonymous authentication is not enabled (automated)
- 3.2.2 - Ensure that the authorization-mode argument is not set to AlwaysAllow (automated)
- 3.2.3 - Ensure that a Client CA file is configured (automated)
- 3.2.5 - Ensure that the --streaming-connection-idle-timeout argument is not set to 0 (automated)
- 3.2.6 - Ensure that the --make-iptables-util-chains argument is set to true (automated)
- 3.2.7 - Ensure that the --eventRecordQPS argument is set to 0 or a level which ensures appropriate event capture (automated)
- 3.2.9 - Ensure that the RotateKubeletServerCertificate argument is set to true (automated)
- 4.1.3 - Minimize wildcard use in Roles and ClusterRoles (automated)
- 5.1.1 - Ensure Image Vulnerability Scanning using Amazon ECR or a third-party provider (automated)
- 5.4.1 - Restrict Access to the Control Plane Endpoint (automated)
- 5.4.2 - Ensure clusters are created with Private Endpoint Enabled and Public Access Disabled (automated)
- 5.4.3 - Ensure clusters are created with Private Nodes (automated)
- 5.4.4 - Ensure Network Policy is Enabled and set as appropriate (automated)