CIS Amazon Elastic Kubernetes Service (EKS) Benchmark
Profile Applicability: • Level 1 Description: Ensure that service account tokens are only mounted in pods where explicitly required for communication wit...
Wed, 23 Apr, 2025 at 1:46 AM
Profile Applicability: • Level 1 Description: Amazon EKS has introduced the Cluster Access Manager API to enhance the management of Role-Based Access Con...
Wed, 23 Apr, 2025 at 1:49 AM
Profile Applicability: • Level 1 Description: Limit the use of the bind, impersonate, and escalate permissions in Kubernetes cluster roles and role bindi...
Wed, 23 Apr, 2025 at 1:51 AM
Profile Applicability: • Level 1 Description: Privileged containers, defined by the securityContext.privileged flag being set to true, should not be allo...
Wed, 23 Apr, 2025 at 1:52 AM
Profile Applicability: • Level 1 Description: Containers should generally not be allowed to run with the hostPID flag set to true. Allowing containers to...
Thu, 17 Apr, 2025 at 2:26 AM
Profile Applicability: • Level 1 Description: Containers should not be allowed to run with the hostIPC flag set to true, unless absolutely necessary. Con...
Thu, 17 Apr, 2025 at 2:30 AM
Profile Applicability: • Level 1 Description: Containers should not be allowed to run with the hostNetwork flag set to true unless absolutely necessary. ...
Thu, 17 Apr, 2025 at 2:35 AM
Profile Applicability: • Level 1 Description: Containers should not be allowed to run with the allowPrivilegeEscalation flag set to true. This setting al...
Wed, 23 Apr, 2025 at 1:58 AM
Profile Applicability: • Level 1 Description: There are various CNI (Container Network Interface) plugins available for Kubernetes clusters. If the CNI p...
Wed, 23 Apr, 2025 at 2:01 AM
Profile Applicability: • Level 1 Description: Network policies should be defined for each namespace in the Kubernetes cluster to control the traffic betw...
Wed, 23 Apr, 2025 at 2:49 AM