3.2.2 Ensure that the audit policy covers key security concerns


Ensure that the audit policy created for the cluster covers key security concerns.


Security audit logs should cover access and modification of key resources in the cluster, to enable them to form an effective part of a security environment.


Increasing audit logging will consume resources on the nodes or other log destination.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.


Consider modification of the audit policy in use on the cluster to include these items, at a minimum.

Default Value:

By default Kubernetes clusters do not log audit information.

See Also