V-242376 The Kubernetes Controller Manager must use TLS 1.2, at a minimum | Component of EKS Control Plane
Recommended Action
V-242377 The Kubernetes Scheduler must use TLS 1.2, at a minimum | Component of EKS Control Plane
Recommended Action
V-242378 The Kubernetes API Server must use TLS 1.2, at a minimum | Component of EKS Control Plane
Recommended Action
V-242379 The Kubernetes etcd must use TLS to protect the confidentiality of sensitive data during electronic dissemination | Component of EKS Control Plane
Recommended Action
V-242380 The Kubernetes etcd must use TLS to protect the confidentiality of sensitive data during electronic dissemination | Component of EKS Control Plane
Recommended Action
V-242382 The Kubernetes API Server must enable Node,RBAC as the authorization mode | Component of EKS Control Plane
Recommended Action
V-242384 The Kubernetes Scheduler must have secure binding | Component of EKS Control Plane
Recommended Action
V-242385 The Kubernetes Controller Manager must have secure binding | Component of EKS Control Plane
Recommended Action
V-242389 The Kubernetes API server must have the secure port set | Component of EKS Control Plane
Recommended Action
V-242401 The Kubernetes API Server must have an audit policy set | Component of EKS Control Plane
Recommended Action
V-242402 The Kubernetes API Server must have an audit log path set | Component of EKS Control Plane
Recommended Action
V-242403 Kubernetes API Server must generate audit records | Component of EKS Control Plane
Recommended Action
V-242405 The Kubernetes manifests must be owned by root | Component of EKS Control Plane
Recommended Action
V-242408 The Kubernetes manifests must have least privileges | Component of EKS Control Plane
Recommended Action
V-242409 Kubernetes Controller Manager must disable profiling | Component of EKS Control Plane
Recommended Action
V-242410 The Kubernetes API Server must enforce PPS that adhere to PPSM CAL | Component of EKS Control Plane
Recommended Action
V-242411 The Kubernetes Scheduler must enforce PPS that adhere to PPSM CAL | Component of EKS Control Plane
Recommended Action
V-242412 The Kubernetes Controllers must enforce PPS that adhere to PPSM CAL | Component of EKS Control Plane
Recommended Action
V-242413 The Kubernetes etcd must enforce PPS that adhere to PPSM CAL | Component of EKS Control Plane
Recommended Action
V-242418 The Kubernetes API server must use approved cipher suites | Component of EKS Control Plane
Recommended Action
V-242419 Kubernetes API Server must have the SSL Certificate Authority set | Component of EKS Control Plane
Recommended Action
V-242420 Kubernetes Kubelet must have the SSL Certificate Authority set | Component of EKS Control Plane
Recommended Action
V-242421 Kubernetes Controller Manager must have the SSL Certificate Authority set | Component of EKS Control Plane
Recommended Action
V-242422 Kubernetes API Server must have a certificate for communication | Component of EKS Control Plane
Recommended Action
V-242423 Kubernetes etcd must enable client authentication to secure service | Component of EKS Control Plane
Recommended Action
V-242424 Kubernetes etcd must enable client authentication to secure service | Component of EKS Control Plane
Recommended Action
V-242425 Kubernetes Kubelet must enable tls-cert-file for client authentication to secure service | Component of EKS Control Plane
Recommended Action
V-242426 Kubernetes etcd must enable client authentication to secure service | Component of EKS Control Plane
Recommended Action
V-242427 Kubernetes etcd must have a key file for secure communication | Component of EKS Control Plane
Recommended Action
V-242428 Kubernetes etcd must have a certificate for communication | Component of EKS Control Plane
Recommended Action
V-242429 Kubernetes etcd must have the SSL Certificate Authority set | Component of EKS Control Plane
Recommended Action
V-242430 Kubernetes etcd must have a certificate for communication | Component of EKS Control Plane
Recommended Action
V-242431 Kubernetes etcd must have a key file for secure communication | Component of EKS Control Plane
Recommended Action
V-242432 Kubernetes etcd must have peer-cert-file set for secure communication | Component of EKS Control Plane
Recommended Action
V-242433 Kubernetes etcd must have a peer-key-file set for secure communication | Component of EKS Control Plane
Recommended Action
V-242438 Kubernetes API Server must configure timeouts to limit attack surface | Component of EKS Control Plane
Recommended Action
V-242444 The Kubernetes component manifests must be owned by root | Component of EKS Control Plane
Recommended Action
V-242445 The Kubernetes component etcd must be owned by etcd | Component of EKS Control Plane
Recommended Action
V-242446 The Kubernetes conf files must be owned by root | Component of EKS Control Plane
Recommended Action
V-242447 The Kubernetes Kube Proxy must have file permissions set to 644 or more restrictive | Component of EKS Control Plane
Recommended Action
V-242448 The Kubernetes Kube Proxy must be owned by root | Component of EKS Control Plane
Recommended Action
V-242449 The Kubernetes Kubelet certificate authority file must have file permissions set to 644 or more restrictive | Component of EKS Control Plane
Recommended Action
V-242450 The Kubernetes Kubelet certificate authority must be owned by root | Component of EKS Control Plane
Recommended Action
V-242451 The Kubernetes component PKI must be owned by root | Component of EKS Control Plane
Recommended Action
V-242452 The Kubernetes kubelet config must have file permissions set to 644 or more restrictive | Component of EKS Control Plane
Recommended Action
V-242453 The Kubernetes kubelet config must be owned by root | Component of EKS Control Plane
Recommended Action
V-242454 The Kubernetes kubeadm.conf must be owned by root | Component of EKS Control Plane
Recommended Action
V-242455 The Kubernetes kubeadm.conf must have file permissions set to 644 or more restrictive | Component of EKS Control Plane
Recommended Action
V-242456 The Kubernetes kubelet config must have file permissions set to 644 or more restrictive | Component of EKS Control Plane
Recommended Action
V-242457 The Kubernetes kubelet config must be owned by root | Component of EKS Control Plane
Recommended Action
V-242458 The Kubernetes API Server must have file permissions set to 644 or more restrictive | Component of EKS Control Plane
Recommended Action
V-242459 The Kubernetes etcd must have file permissions set to 644 or more restrictive | Component of EKS Control Plane
Recommended Action
V-242460 The Kubernetes admin.conf must have file permissions set to 644 or more restrictive | Component of EKS Control Plane
Recommended Action
V-242466 The Kubernetes PKI CRT must have file permissions set to 644 or more restrictive | Component of EKS Control Plane
Recommended Action
V-242467 The Kubernetes PKI keys must have file permissions set to 600 or more restrictive | Component of EKS Control Plane
Recommended Action
V-242468 The Kubernetes API Server must prohibit communication using TLS version 1.0 and 1.1, and SSL 2.0 and 3.0 | Component of EKS Control Plane
Recommended Action
V-245541 Kubernetes Kubelet must not disable timeouts | Component of EKS Control Plane
Recommended Action
V-245543 Kubernetes API Server must disable token authentication to protect information in transit | Component of EKS Control Plane
Recommended Action
V-245544 Kubernetes endpoints must use approved organizational certificate and key pair to protect information in transit | Component of EKS Control Plane