general — General
15 findings in the General component
V-242383 User-managed resources must be created in dedicated namespaces.
V-242393 Kubernetes Worker Nodes must not have sshd service running.
V-242394 Kubernetes Worker Nodes must not have the sshd service enabled.
V-242395 Kubernetes dashboard must not be enabled.
V-242396 Kubernetes Kubectl cp command must give expected access and results.
V-242405 The Kubernetes manifests must be owned by root.
V-242408 The Kubernetes manifest files must have least privileges.
V-242412 The Kubernetes Controllers must enforce ports, protocols, and services (PPS) that adhere to the Ports, Protocols, and Services Management Category Assurance List (PPSM CAL).
V-242417 Kubernetes must separate user functionality.
V-242442 Kubernetes must remove old components after updated versions have been installed.
V-242443 Kubernetes must contain the latest updates as authorized by IAVMs, CTOs, DTMs, and STIGs.
V-242444 The Kubernetes component manifests must be owned by root.
V-242451 The Kubernetes component PKI must be owned by root.
V-242466 The Kubernetes PKI CRT must have file permissions set to 644 or more restrictive.
V-242467 The Kubernetes PKI keys must have file permissions set to 600 or more restrictive.