2 Etcd Node Configuration Files
2.1 Ensure that the –cert-file and –key-file arguments are set as appropriate (Manual)
Recommended Action
OpenShift does not use the etcd-certfile or etcd-keyfile flags.
Certificates for etcd are managed by the etcd cluster operator.
2.2 Ensure that the –client-cert-auth argument is set to true (Manual)
Recommended Action
This setting is managed by the cluster etcd operator. No remediation required."
2.3 Ensure that the –auto-tls argument is not set to true (Manual)
Recommended Action
This setting is managed by the cluster etcd operator. No remediation required.
2.4 Ensure that the –peer-cert-file and –peer-key-file arguments are set as appropriate (Manual)
Recommended Action
None. This configuration is managed by the etcd operator.
2.5 Ensure that the –peer-client-cert-auth argument is set to true (Manual)
Recommended Action
This setting is managed by the cluster etcd operator. No remediation required.
2.6 Ensure that the –peer-auto-tls argument is not set to true (Manual)
Recommended Action
This setting is managed by the cluster etcd operator. No remediation required.
2.7 Ensure that a unique Certificate Authority is used for etcd (Manual)
Recommended Action
None required. Certificates for etcd are managed by the OpenShift cluster etcd operator.