-
Epic
-
Resolution: Unresolved
-
Undefined
-
None
-
ACM 2.10.0, MCE 2.5.0
-
None
-
Ensure Kubernetes SCC V2 Compliance for Pods in ACM Cluster
-
False
-
None
-
False
-
Not Selected
-
To Do
-
50% To Do, 50% In Progress, 0% Done
Epic Goal
The goal of this epic is to guarantee that all pods running within the ACM (Advanced Cluster Management) cluster adhere to Kubernetes Security Context Constraints (SCC). The implementation of a comprehensive SCC compliance checking system will proactively maintain a secure and compliant environment, mitigating security risks.
Why is this important?
Ensuring SCC compliance is critical for the security and stability of a Kubernetes cluster.
Scenarios
A customer who is responsible for overseeing the operations of their cluster, faces the challenge of maintaining a secure and compliant Kubernetes environment. The organization relies on the ACM cluster to run a variety of critical workloads across multiple namespaces. Security and compliance are top priorities, especially considering the sensitive nature of the data and applications hosted in the cluster.
Deployments to Investigate
Only Annotation Needed:
- [ ] klusterlet-addon-search
Further Investigation Needed
- [ ] search-postgres
Acceptance Criteria
- [ ] Develop a script capable of automated checks for SCC compliance for all pods within the ACM cluster, spanning multiple namespaces.
Dependencies (internal and external)
- ...
Previous Work (Optional):
- ...
Open questions:
- …
Done Checklist
- CI - CI is running, tests are automated and merged.
- Release Enablement <link to Feature Enablement Presentation>
- DEV - Upstream code and tests merged: <link to meaningful PR or GitHub
Issue> - DEV - Upstream documentation merged: <link to meaningful PR or GitHub
Issue> - DEV - Downstream build attached to advisory: <link to errata>
- QE - Test plans in Polarion: <link or reference to Polarion>
- QE - Automated tests merged: <link or reference to automated tests>
- DOC - Downstream documentation merged: <link to meaningful PR>
- clones
-
ACM-8443 Ensure Kubernetes SCC V2 Compliance for Pods in ACM Cluster
- Resolved