Commit

Added worker
abhiyerra committed Sep 15, 2023
1 parent 4ea374d commit 8bf9f83
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions usage.md
Expand Up @@ -113,7 +113,7 @@ aws iam create-service-linked-role --aws-service-name spot.amazonaws.com
| **2.1** | **Logging** | | | |
| 2.1.1 | Enable audit logs | L1 | Active | `cluster_logging` is configured |
| **3** | **Worker Nodes** | | | |
| 3.1 | Worker Node Configuration Files | | | |
| **3.1** | **Worker Node Configuration Files** | | | |
| 3.1.1 | Ensure that the kubeconfig file permissions are set to 644 or more restrictive | L1 | Remediate | |
| 3.1.2 | Ensure that the kubelet kubeconfig file ownership is set to root:root | L1 | Remediate | |
| 3.1.3 | Ensure that the kubelet configuration file has permissions set to 644 or more restrictive | L1 | Remediate | |
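Review bot: The commit subject "Added worker" does not describe the edit to the 3.1 row, which only bolds the "Worker Node Configuration Files" heading to match the 2.1 and 3 rows; nothing about worker nodes is added. Please reword the subject to say it is a formatting fix to the compliance table. Rows 3.1.1 to 3.1.3 still read "Remediate" with an empty last column, so if worker hardening was meant to land here, the evidence for it is missing from this hunk.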
Expand Down Expand Up @@ -165,9 +165,9 @@ aws iam create-service-linked-role --aws-service-name spot.amazonaws.com
| **5** | **Managed services** | | | |
| **5.1** | **Image Registry and Image Scanning** | | | |
| 5.1.1 | Ensure Image Vulnerability Scanning using Amazon ECR image scanning or a third party provider | L1 | Active | [Example](examples/eks/main.tf#L79) |
| 5.1.2 | Minimize user access to Amazon ECR | L1 | Manual | [terraform-aws-mrmgr](https://github.com/opszero/terraform-aws-mrmgr) |
| 5.1.3 | Minimize cluster access to read-only for Amazon ECR | L1 | Manual | [terraform-aws-mrmgr](https://github.com/opszero/terraform-aws-mrmgr) with OIDC |
| 5.1.4 | Minimize Container Registries to only those approved | L2 | Remediate | |
| 5.1.2 | Minimize user access to Amazon ECR | L1 | Active | [terraform-aws-mrmgr](https://github.com/opszero/terraform-aws-mrmgr) |
| 5.1.3 | Minimize cluster access to read-only for Amazon ECR | L1 | Active | [terraform-aws-mrmgr](https://github.com/opszero/terraform-aws-mrmgr) with OIDC |
| 5.1.4 | Minimize Container Registries to only those approved | L2 | Active | [terraform-aws-mrmgr](https://github.com/opszero/terraform-aws-mrmgr) |
| **5.2** | **Identity and Access Management (IAM)** | | | |
| 5.2.1 | Prefer using dedicated EKS Service Accounts | L1 | Remediate | |
| **5.3** | **AWS EKS Key Management Service** | | | |
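Review bot: Rows 5.1.2, 5.1.3 and 5.1.4 are moved to "Active" but the only evidence is a link to the terraform-aws-mrmgr repository root, whereas 5.1.1 points at a specific line (examples/eks/main.tf#L79). Please link each row to the file and line that implements the control, so a reader auditing the table can verify the claim. This matters most for 5.1.4, an L2 control that goes from "Remediate" with no reference straight to "Active": the row should say what restricts the cluster to approved registries, or stay "Remediate" until that is in place. For 5.1.3, "with OIDC" would be clearer as a short statement of which role gets read-only ECR access.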