Minimize the admission of root containers
Details: Do not generally permit containers to be run as the root user.
Rationale: Containers may run as any Linux...

Prefer using secrets as files over secrets as environment variables
Details: Kubernetes supports mounting secrets as data volumes or as environment variables. Minimize the use of environment variable secrets.
Rationale:...

The default namespace should not be used
Details: Kubernetes provides a default namespace, where objects are placed if no namespace is specified for them. Placing objects in...