3.2.2 Ensure that the audit policy covers key security concerns

Information

Ensure that the audit policy created for the cluster covers key security concerns.

Rationale:

Security audit logs should cover access and modification of key resources in the cluster, to enable them to form an effective part of a security environment.

Impact:

Increasing audit logging will consume resources on the nodes or other log destination.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Consider modification of the audit policy in use on the cluster to include these items, at a minimum.

Default Value:

By default Kubernetes clusters do not log audit information.

See Also

https://workbench.cisecurity.org/files/2968

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-3, CSCv6|14.6, CSCv7|14.9

Plugin: Unix

Control ID: 6c0201bd1689484369373a1338488b8d10583b3d3086dbae0a8e89a35dbd32b3