EKS benchmarks related to Automode #2028
Unanswered
TechRabb1t
asked this question in
Questions and Help
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hey everyone,
I didn't find any related discussion or issues about this topic. When running kube-bench 0.14.1 with benchmark eks-1.7.0 (and probably others) CIS 3.2.9 is marked as failed.
[FAIL] 3.2.9 Ensure that the RotateKubeletServerCertificate argument is set to true (Automated)This seems to be a false positive as it's directly managed by AWS and we don't have control over the EKS nodeconfig. I assume this might happen in the future with others as well as normal EKS and EKS Automode differs.
What is the desired plan of action? Setting the scored to false seems wrong to me. Maybe an additional eks-auto-cfg?
best regards
Beta Was this translation helpful? Give feedback.
All reactions