- Kubernetes Audit
Checks performed
- Web Dashboard Should Be Disabled
- Private Endpoints Should Be Enabled
- Private Cluster Should Be Enabled
- Pod Security Policy Should Be Enabled
- Network Policy Should Be Enabled
- Monitoring Should Be Enabled
- Master Authorized Network Should Be Enabled
- Logging Should Be Enabled
- Legacy Authorization Should Be Disabled
- Default Service Accounts Should Not Be Used
- Container-Optimized OS Should Be Enabled
- Cluster Should Have Limited Service Account Access
- Basic Authentication Should Be Disabled
- Automatic Node Upgrades Should Be Enabled
- Automatic Node Repair Should Be Enabled
- Alias IP Ranges Should Be Enabled
- Kubernetes Node Pool Autoscaling Should Be Enabled
- Kubernetes Boot Disk Should Be Encrypted With Customer Managed Keys
- Integrity Monitoring Should Be Enabled For Kubernetes Node Pools
- Secure Boot Should Be Enabled For Kubernetes Node Pools
- Shielded Nodes Should Be Used For Kubernetes Cluster
- Autoscaling Profile For Clusters Should Be Set To Optimize_Utilization or Balanced
- Cluster Master Endpoint Should Not Be Global
- Latest Kubernetes Version Should Be Used