CIS Kubernetes Benchmark
Profile Applicability: Level 1 Description: The --audit-log-maxsize argument specifies the maximum size (in megabytes) of an individual audit log f...
Thu, 8 May, 2025 at 11:31 PM
Profile Applicability: Level 1 Description: The --audit-log-maxbackup argument specifies the maximum number of backup files to retain for audit logs...
Thu, 8 May, 2025 at 11:36 PM
Profile Applicability: Level 1 Description: The --audit-log-maxage argument specifies the maximum number of days to retain audit logs before they a...
Thu, 8 May, 2025 at 11:43 PM
Profile Applicability: Level 1 Description: The --audit-log-path argument in Kubernetes specifies the file path where audit logs will be written. A...
Thu, 8 May, 2025 at 11:50 PM
Profile Applicability: Level 1 Description: The --profiling argument controls whether profiling is enabled in the Kubernetes API server. Profiling i...
Thu, 8 May, 2025 at 11:56 PM
Profile Applicability: Level 2 Description: The NodeRestriction admission control plugin limits the permissions of kubelets to modify only the resou...
Fri, 9 May, 2025 at 12:01 AM
Profile Applicability: Level 2 Description: The NamespaceLifecycle admission control plugin ensures that Pods and other resources are prevented from...
Fri, 9 May, 2025 at 12:06 AM
Profile Applicability: Level 2 Description: The ServiceAccount admission control plugin is responsible for automatically creating and associating s...
Fri, 9 May, 2025 at 12:10 AM
Profile Applicability: Level 1 Description: The AlwaysPullImages admission control plugin ensures that every time a container is launched, the ima...
Fri, 9 May, 2025 at 12:15 AM
Profile Applicability: Level 1 Description: The AlwaysAdmit admission control plugin in Kubernetes allows all API requests to be admitted, bypassing...
Fri, 9 May, 2025 at 12:22 AM