Uploaded image for project: 'Cloud Infrastructure Security & Compliance'
  1. Cloud Infrastructure Security & Compliance
  2. CMP-2309

Create an automated check for pods (not part of a replicated controller) that are running with the default SA

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Unresolved
    • Icon: Normal Normal
    • None
    • None
    • Compliance Operator
    • None
    • False
    • None
    • False
    • Not Selected
    • 0
    • 0% 0%

      Description of problem:
      Compliance rule ocp4-cis-accounts-unique-service-account is reported as "MANUAL" This Request is opened to have the ability to automate this verification.

      Automated rule should be able to verify is a deployment is using the default SA or not.

      Recommendation is not to use the default SA therefor if it's the case, the rule should fail.

       
      Version-Release number of selected component (if applicable):
      1.x

      How reproducible:
      always

      Steps to Reproduce:
      1. Create the scansettingbinding with CIS Benchmark profiles to verify
      2. Check the results

      Actual results:
      Rule is not being verified in an automatic way

      Expected results:
      Rule should be able to verify if the default SA is being used or not

      Additional info:

            Unassigned Unassigned
            rhn-support-pescorza Pamela Lizeth Escorza Gil
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: