cis

package

v0.0.0-...-088a001 Latest Latest Go to latest Published: Nov 15, 2018 License: MPL-2.0 Imports: 8 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/autonomy/dianemo

Links

Open Source Insights

Documentation ¶

Index ¶

func EnforceAdmissionPluginsRequirements(cfg *kubeadmapi.InitConfiguration) error
func EnforceAuditingRequirements(cfg *kubeadmapi.InitConfiguration) error
func EnforceExtraRequirements(cfg *kubeadmapi.InitConfiguration) error
func EnforceMasterRequirements(cfg *kubeadmapi.InitConfiguration) error
func EnforceSecretRequirements(cfg *kubeadmapi.InitConfiguration) error
func EnforceTLSRequirements(cfg *kubeadmapi.InitConfiguration) error
func EnforceWorkerRequirements(cfg *kubeadmapi.JoinConfiguration) error

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func EnforceAdmissionPluginsRequirements ¶

func EnforceAdmissionPluginsRequirements(cfg *kubeadmapi.InitConfiguration) error

EnforceAdmissionPluginsRequirements enforces CIS requirements for admission plugins. TODO(andrewrynhard): Include any extra user specified plugins. TODO(andrewrynhard): Enable PodSecurityPolicy. TODO(andrewrynhard): Enable EventRateLimit.

func EnforceAuditingRequirements ¶

func EnforceAuditingRequirements(cfg *kubeadmapi.InitConfiguration) error

EnforceAuditingRequirements enforces CIS requirements for auditing. TODO(andrewrynhard): Enable audit-log-maxbackup. TODO(andrewrynhard): Enable audit-log-maxsize.

func EnforceExtraRequirements ¶

func EnforceExtraRequirements(cfg *kubeadmapi.InitConfiguration) error

EnforceExtraRequirements enforces miscellaneous CIS requirements. TODO(andrewrynhard): Enable anonymous-auth, see https://github.com/kubernetes/kubeadm/issues/798. TODO(andrewrynhard): Enable kubelet-certificate-authority, see https://github.com/kubernetes/kubeadm/issues/118#issuecomment-407202481.

func EnforceMasterRequirements ¶

func EnforceMasterRequirements(cfg *kubeadmapi.InitConfiguration) error

EnforceMasterRequirements enforces the CIS requirements for master nodes.

func EnforceSecretRequirements ¶

func EnforceSecretRequirements(cfg *kubeadmapi.InitConfiguration) error

EnforceSecretRequirements enforces CIS requirements for secrets.

func EnforceTLSRequirements ¶

func EnforceTLSRequirements(cfg *kubeadmapi.InitConfiguration) error

EnforceTLSRequirements enforces CIS requirements for TLS.

func EnforceWorkerRequirements ¶

func EnforceWorkerRequirements(cfg *kubeadmapi.JoinConfiguration) error

EnforceWorkerRequirements enforces the CIS requirements for master nodes.

Types ¶

This section is empty.

Source Files ¶

View all Source files

cis.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL