SRG-APP-000033-CTR-000095 Controls

STIG IDVersionTitleProduct
CNTR-K8-000320V2R4The Kubernetes API server must have the insecure port flag disabled.
CNTR-K8-000330V2R4The Kubernetes Kubelet must have the "readOnlyPort" flag disabled.
CNTR-K8-000340V2R4The Kubernetes API server must have the insecure bind address not set.
CNTR-K8-000380V2R4The Kubernetes kubelet must enable explicit authorization.
CNTR-K8-000400V2R4Kubernetes Worker Nodes must not have sshd service running.
CNTR-K8-000410V2R4Kubernetes Worker Nodes must not have the sshd service enabled.
CNTR-K8-000420V2R4Kubernetes dashboard must not be enabled.
CNTR-K8-000460V2R4Kubernetes DynamicKubeletConfig must not be enabled.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.