Detections
Analytics

CSCv7|4.3

Title

Ensure the Use of Dedicated Administrative Accounts

Description

Ensure that all users with administrative account access use a dedicated or secondary account for elevated activities. This account should only be used for administrative activities and not internet browsing, email, or similar activities.

Reference Item Details

Category: Controlled Use of Administrative Privileges

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.2 Ensure that the API server pod specification file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.3.0 L1
1.1.2 Ensure that the API server pod specification file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform v1.6.0 L1
1.1.2 Ensure that the API server pod specification file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.4.0 L1
1.1.2 Ensure that the API server pod specification file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.2.0 L1
1.1.2 Ensure that the API server pod specification file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.1.4 Ensure that the controller manager pod specification file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.3.0 L1
1.1.4 Ensure that the controller manager pod specification file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform v1.6.0 L1
1.1.4 Ensure that the controller manager pod specification file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.2.0 L1
1.1.4 Ensure that the controller manager pod specification file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.4.0 L1
1.1.4 Ensure that the controller manager pod specification file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.1.6 Ensure that the scheduler pod specification file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.2.0 L1
1.1.6 Ensure that the scheduler pod specification file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.1.6 Ensure that the scheduler pod specification file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.4.0 L1
1.1.6 Ensure that the scheduler pod specification file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.3.0 L1
1.1.6 Ensure that the scheduler pod specification file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform v1.6.0 L1
1.1.8 Ensure that the etcd pod specification file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform v1.6.0 L1
1.1.8 Ensure that the etcd pod specification file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.3.0 L1
1.1.8 Ensure that the etcd pod specification file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.2.0 L1
1.1.8 Ensure that the etcd pod specification file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.4.0 L1
1.1.8 Ensure that the etcd pod specification file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.1.10 Ensure that the Container Network Interface file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.3.0 L1
1.1.10 Ensure that the Container Network Interface file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.4.0 L1
1.1.10 Ensure that the Container Network Interface file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.1.10 Ensure that the Container Network Interface file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.2.0 L1
1.1.10 Ensure that the Container Network Interface file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform v1.6.0 L1
1.1.12 Ensure that the etcd data directory ownership is set to etcd:etcdOpenShiftCIS RedHat OpenShift Container Platform 4 v1.3.0 L1
1.1.12 Ensure that the etcd data directory ownership is set to etcd:etcdOpenShiftCIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.1.12 Ensure that the etcd data directory ownership is set to etcd:etcdOpenShiftCIS RedHat OpenShift Container Platform v1.6.0 L1
1.1.12 Ensure that the etcd data directory ownership is set to etcd:etcdOpenShiftCIS RedHat OpenShift Container Platform 4 v1.2.0 L1
1.1.12 Ensure that the etcd data directory ownership is set to etcd:etcdOpenShiftCIS RedHat OpenShift Container Platform 4 v1.4.0 L1
1.1.14 Ensure that the admin.conf file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.2.0 L1
1.1.14 Ensure that the admin.conf file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.3.0 L1
1.1.14 Ensure that the kubeconfig file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.1.14 Ensure that the kubeconfig file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.4.0 L1
1.1.14 Ensure that the kubeconfig file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform v1.6.0 L1
1.1.16 Ensure that the Scheduler kubeconfig file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform v1.6.0 L1
1.1.16 Ensure that the Scheduler kubeconfig file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.1.16 Ensure that the Scheduler kubeconfig file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.4.0 L1
1.1.16 Ensure that the scheduler.conf file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.3.0 L1
1.1.16 Ensure that the scheduler.conf file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.2.0 L1
1.1.18 Ensure that the Controller Manager kubeconfig file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.4.0 L1
1.1.18 Ensure that the Controller Manager kubeconfig file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.1.18 Ensure that the Controller Manager kubeconfig file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform v1.6.0 L1
1.1.18 Ensure that the controller-manager.conf file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.3.0 L1
1.1.18 Ensure that the controller-manager.conf file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.2.0 L1
1.1.19 Ensure that the OpenShift PKI directory and file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.3.0 L1
1.1.19 Ensure that the OpenShift PKI directory and file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.5.0 L1
1.1.19 Ensure that the OpenShift PKI directory and file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.2.0 L1
1.1.19 Ensure that the OpenShift PKI directory and file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform 4 v1.4.0 L1
1.1.19 Ensure that the OpenShift PKI directory and file ownership is set to root:rootOpenShiftCIS RedHat OpenShift Container Platform v1.6.0 L1