N/A
Source: Kube Bench
ID: 1.1
Version: rh-1.0

1.1 Master Node Configuration Files

1.1.1 Ensure that the API server pod specification file permissions are set to 644 or more restrictive (Manual)

No remediation required; file permissions are managed by the operator.

1.1.2 Ensure that the API server pod specification file ownership is set to root:root (Manual)

No remediation required; file permissions are managed by the operator.

1.1.3 Ensure that the controller manager pod specification file permissions are set to 644 or more restrictive (Manual)

No remediation required; file permissions are managed by the operator.

1.1.4 Ensure that the controller manager pod specification file ownership is set to root:root (Manual)

No remediation required; file permissions are managed by the operator.

1.1.5 Ensure that the scheduler pod specification file permissions are set to 644 or more restrictive (Manual)

No remediation required; file permissions are managed by the operator.

1.1.6 Ensure that the scheduler pod specification file ownership is set to root:root (Manual)

No remediation required; file permissions are managed by the operator.

1.1.7 Ensure that the etcd pod specification file permissions are set to 644 or more restrictive (Manual)

No remediation required; file permissions are managed by the operator.

1.1.8 Ensure that the etcd pod specification file ownership is set to root:root (Manual)

No remediation required; file permissions are managed by the operator.

1.1.9 Ensure that the Container Network Interface file permissions are set to 644 or more restrictive (Manual)

No remediation required; file permissions are managed by the operator.

1.1.10 Ensure that the Container Network Interface file ownership is set to root:root (Manual)

No remediation required; file permissions are managed by the operator.

1.1.11 Ensure that the etcd data directory permissions are set to 700 or more restrictive (Manual)

No remediation required; file permissions are managed by the operator.

1.1.12 Ensure that the etcd data directory ownership is set to etcd:etcd (Manual)

No remediation required; file permissions are managed by the operator.

1.1.13 Ensure that the admin.conf file permissions are set to 644 or more restrictive (Manual)

No remediation required; file permissions are managed by the operator.

1.1.14 Ensure that the admin.conf file ownership is set to root:root (Manual)

No remediation required; file permissions are managed by the operator.

1.1.15 Ensure that the scheduler.conf file permissions are set to 644 or more restrictive (Manual)

No remediation required; file permissions are managed by the operator.

1.1.16 Ensure that the scheduler.conf file ownership is set to root:root (Manual)

No remediation required; file permissions are managed by the operator.

1.1.17 Ensure that the controller-manager.conf file permissions are set to 644 or more restrictive (Manual)

No remediation required; file permissions are managed by the operator.

1.1.18 Ensure that the controller-manager.conf file ownership is set to root:root (Manual)

No remediation required; file permissions are managed by the operator.

1.1.19 Ensure that the Kubernetes PKI directory and file ownership is set to root:root (Manual)

No remediation required; file permissions are managed by the operator.

1.1.20 Ensure that the OpenShift PKI certificate file permissions are set to 644 or more restrictive (Manual)

No remediation required; file permissions are managed by the operator.

1.1.21 Ensure that the OpenShift PKI key file permissions are set to 600 (Manual)

No remediation required; file permissions are managed by the operator.