AC_K8S_0038 | Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate | Kubernetes | Data Protection | MEDIUM |
AC_K8S_0041 | Ensure that the --etcd-cafile argument is set as appropriate | Kubernetes | Data Protection | MEDIUM |
AC_GCP_0010 | Ensure That the Default Network Does Not Exist in a Project - google_project | GCP | Infrastructure Security | LOW |
AC_GCP_0002 | Ensure That the Cloud SQL Database Instance Requires All Incoming Connections To Use SSL | GCP | Infrastructure Security | HIGH |
AC_GCP_0371 | Ensure That the Default Network Does Not Exist in a Project - google_compute_network | GCP | Infrastructure Security | LOW |
AC_GCP_0134 | Ensure That RDP Access Is Restricted From the Internet | GCP | Infrastructure Security | HIGH |
AC_GCP_0260 | Ensure That SSH Access Is Restricted From the Internet | GCP | Infrastructure Security | HIGH |
AC_GCP_0282 | Ensure That Compute Instances Do Not Have Public IP Addresses | GCP | Infrastructure Security | MEDIUM |
AC_GCP_0281 | Ensure That Compute Instances Have Confidential Computing Enabled | GCP | Security Best Practices | MEDIUM |
AC_GCP_0301 | Ensure That Instances Are Not Configured To Use the Default Service Account With Full Access to All Cloud APIs | GCP | Identity and Access Management | HIGH |
AC_K8S_0006 | Ensure that the --tls-cert-file and --tls-private-key-file arguments are set as appropriate | Kubernetes | Infrastructure Security | MEDIUM |
AC_GCP_0232 | Ensure That IP Forwarding Is Not Enabled on Instances | GCP | Infrastructure Security | MEDIUM |
AC_K8S_0039 | Ensure that the --tls-cert-file and --tls-private-key-file arguments are set as appropriate | Kubernetes | Data Protection | MEDIUM |
AC_K8S_0103 | Minimize access to create pods | Kubernetes | Identity and Access Management | HIGH |
AC_K8S_0051 | Prefer using secrets as files over secrets as environment variables | Kubernetes | Infrastructure Security | HIGH |
AC_K8S_0086 | The default namespace should not be used | Kubernetes | Security Best Practices | LOW |
AC_K8S_0007 | Ensure that the --authorization-mode argument is not set to AlwaysAllow | Kubernetes | Identity and Access Management | HIGH |
AC_K8S_0056 | Ensure that the RotateKubeletServerCertificate argument is set to true | Kubernetes | Infrastructure Security | MEDIUM |
AC_K8S_0064 | Apply Security Context to Your Pods and Containers | Kubernetes | Infrastructure Security | MEDIUM |
AC_K8S_0008 | Ensure that a Client CA File is Configured | Kubernetes | Identity and Access Management | HIGH |
AC_K8S_0104 | Minimize wildcard use in Roles and ClusterRoles | Kubernetes | Identity and Access Management | HIGH |
AC_K8S_0003 | Ensure that the --make-iptables-util-chains argument is set to true | Kubernetes | Infrastructure Security | LOW |
AC_K8S_0005 | Ensure that the Anonymous Auth is Not Enabled | Kubernetes | Identity and Access Management | MEDIUM |
AC_K8S_0009 | Ensure that the --rotate-certificates argument is not present or is set to true | Kubernetes | Data Protection | MEDIUM |
AC_K8S_0040 | Ensure that a Client CA File is Configured | Kubernetes | Data Protection | MEDIUM |
AC_K8S_0045 | Ensure that Service Account Tokens are only mounted where necessary | Kubernetes | Identity and Access Management | MEDIUM |
AC_K8S_0101 | Minimize access to secrets | Kubernetes | Identity and Access Management | HIGH |
AC_K8S_0089 | Ensure that the Anonymous Auth is Not Enabled | Kubernetes | Identity and Access Management | MEDIUM |