CIS Amazon Elastic Kubernetes Service (EKS) Benchmark
Profile Applicability: • Level 1 Description: Do not disable timeouts on streaming connections by setting the --streaming-connection-idle-timeout argumen...
Wed, 23 Apr, 2025 at 1:23 AM
Profile Applicability: • Level 1 Description: Allow Kubelet to manage iptables configurations automatically. By setting --make-iptables-util-chains to tru...
Wed, 23 Apr, 2025 at 1:25 AM
Profile Applicability: • Level 1 Description: The eventRecordQPS on the Kubelet configuration limits the rate at which events are gathered. Setting this ...
Wed, 23 Apr, 2025 at 1:28 AM
Profile Applicability: • Level 1 Description: Enable kubelet client certificate rotation by ensuring the --rotate-certificates argument is either not pre...
Thu, 17 Apr, 2025 at 1:18 AM
Profile Applicability: • Level 1 Description: Enable Kubelet server certificate rotation to ensure that the Kubelet's server certificates are periodi...
Wed, 23 Apr, 2025 at 1:36 AM
Profile Applicability: • Level 1 Description: Ensure that the cluster-admin role in Kubernetes is assigned only to those who absolutely require it, as it...
Wed, 23 Apr, 2025 at 1:39 AM
Profile Applicability: • Level 1 Description: Ensure that access to Kubernetes secrets is restricted to only the users and service accounts that absolute...
Wed, 23 Apr, 2025 at 1:41 AM
Profile Applicability: • Level 1 Description: Minimize the use of wildcards (*) in Kubernetes Roles and ClusterRoles. Wildcards match all items, and thei...
Wed, 23 Apr, 2025 at 1:44 AM
Profile Applicability: • Level 1 Description: Minimize the number of users and service accounts who have the ability to create new pods in Kubernetes. Al...
Thu, 17 Apr, 2025 at 1:58 AM
Profile Applicability: • Level 1 Description: Ensure that the default service account is not used for workloads that require access to the Kubernetes API...
Wed, 23 Apr, 2025 at 1:45 AM