Documentation
Constants
const (
	// PASS check passed.
	PASS State = "PASS"
	// FAIL check failed.
	FAIL State = "FAIL"
	// WARN could not carry out check.
	WARN State = "WARN"
	// INFO informational message
	INFO State = "INFO"

	// SKIP for when a check should be skipped.
	SKIP = "skip"

	// MASTER a master node
	MASTER NodeType = "master"
	// NODE a node
	NODE NodeType = "node"
	// FEDERATED a federated deployment.
	FEDERATED NodeType = "federated"

	// ETCD an etcd node
	ETCD NodeType = "etcd"
	// CONTROLPLANE a control plane node
	CONTROLPLANE NodeType = "controlplane"
	// POLICIES a node to run policies from
	POLICIES NodeType = "policies"
	// MANAGEDSERVICES a node to run managedservices from
	MANAGEDSERVICES = "managedservices"

	// MANUAL Check Type
	MANUAL string = "manual"
)
const (
	// UNKNOWN is when the AWS account can't be found
	UNKNOWN = "Unknown"
	// ARN for the AWS Security Hub service
	ARN = "arn:aws:securityhub:%s::product/khulnasoft-security/kube-bench"
	// SCHEMA for the AWS Security Hub service
	SCHEMA = "2018-10-08"
	// TYPE is type of Security Hub finding
	TYPE = "Software and Configuration Checks/Industry and Regulatory Standards/CIS Kubernetes Benchmark"
)
Variables
This section is empty.
Functions
This section is empty.
Types
type Check
type Check struct {
	ID                string `yaml:"id" json:"test_number"`
	Text              string `json:"test_desc"`
	Audit             string `json:"audit"`
	AuditEnv          string `yaml:"audit_env"`
	AuditConfig       string `yaml:"audit_config"`
	Type              string `json:"type"`
	Tests             *tests `json:"-"`
	Set               bool   `json:"-"`
	Remediation       string `json:"remediation"`
	TestInfo          []string `json:"test_info"`
	State             `json:"status"`
	ActualValue       string `json:"actual_value"`
	Scored            bool   `json:"scored"`
	IsMultiple        bool   `yaml:"use_multiple_values"`
	ExpectedResult    string `json:"expected_result"`
	Reason            string `json:"reason,omitempty"`
	AuditOutput       string `json:"-"`
	AuditEnvOutput    string `json:"-"`
	AuditConfigOutput string `json:"-"`
	DisableEnvTesting bool   `json:"-"`
}
Check contains information about a recommendation in the CIS Kubernetes document.
type Controls
type Controls struct {
	ID              string   `yaml:"id" json:"id"`
	Version         string   `json:"version"`
	DetectedVersion string   `json:"detected_version,omitempty"`
	Text            string   `json:"text"`
	Type            NodeType `json:"node_type"`
	Groups          []*Group `json:"tests"`
	Summary
}
Controls holds all controls to check for master nodes.
func NewControls
NewControls instantiates a new master Controls object.
func (*Controls) ASFF
func (controls *Controls) ASFF() ([]types.AwsSecurityFinding, error)
ASFF encodes the results of the last run in AWS Security Finding Format (ASFF).
type Group
type Group struct {
	ID     string   `yaml:"id" json:"section"`
	Type   string   `yaml:"type" json:"type"`
	Pass   int      `json:"pass"`
	Fail   int      `json:"fail"`
	Warn   int      `json:"warn"`
	Info   int      `json:"info"`
	Text   string   `json:"desc"`
	Checks []*Check `json:"results"`
}
Group is a collection of similar checks.
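The JSON tags on Controls, Group and Check define the shape of a serialized report, which is what downstream triage tooling consumes. The following is an added example, not code from this package: it decodes such a report and separates scored FAIL results from WARN results that could not be verified. The type names `check`, `group`, `controls`, the function `triage` and the sample report are assumptions made for illustration, and the input is assumed to be a single Controls object marshalled with the tags shown above.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Local mirrors of the JSON tags listed for Controls, Group and Check
// (hypothetical type names; not the package's own types).
type check struct {
	ID          string `json:"test_number"`
	Status      string `json:"status"`
	Scored      bool   `json:"scored"`
	Remediation string `json:"remediation"`
}
type group struct {
	Checks []check `json:"results"`
}
type controls struct {
	Groups []group `json:"tests"`
}

// Constructed sample report, not output from a real cluster.
const sampleReport = `{"id":"1","node_type":"master","tests":[{"section":"1.1","results":[
 {"test_number":"1.1.1","status":"PASS","scored":true},
 {"test_number":"1.1.2","status":"FAIL","scored":true,"remediation":"constructed fix text"},
 {"test_number":"1.1.3","status":"FAIL","scored":false},
 {"test_number":"1.1.4","status":"WARN","scored":true}]}]}`

// triage returns scored FAIL checks plus the IDs of WARN checks, which per
// the State constants could not be carried out and need manual review.
func triage(report []byte) (failed []check, unverified []string, err error) {
	var c controls
	if err = json.Unmarshal(report, &c); err != nil {
		return nil, nil, fmt.Errorf("decode report: %w", err)
	}
	for _, g := range c.Groups {
		for _, ch := range g.Checks {
			switch {
			case ch.Status == "FAIL" && ch.Scored:
				failed = append(failed, ch)
			case ch.Status == "WARN":
				unverified = append(unverified, ch.ID)
			}
		}
	}
	return failed, unverified, nil
}

func main() { fmt.Println(triage([]byte(sampleReport))) }
```

Treating WARN separately matters because it means the check was not carried out, so a report with zero FAIL results is not by itself evidence of a compliant node.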
type OverallControls