XMLWordPrintable

    • False
    • None
    • False
    • Not Selected
    • ?
    • No
    • ?
    • ?
    • ?
    • Telco 5G RAN

      1. Proposed title of this feature request
      OpenShift Hardening and Security doc. 

      2. What is the nature and description of the request?
      Provide a user manual for security configuration and hardening for OpenShift similar to the RHEL Security Hardening Guide and related content. 
      https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/index 
      https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/using_selinux/index 
      https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/securing_networks/index 
      https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/managing_and_monitoring_security_updates/index
      Such documentation should also be provided for each of the major components of OpenShift Platform Plus.

      Some relevant content is documented, but there is additional content that is external to the OpenShift documentation and is not maintained as part of the documentation set.  Most of this content is in the OCP 4 Security Guide:
      https://www.redhat.com/en/resources/openshift-security-guide-ebook

      Below is a link to documentation that is present, but should be reviewed for alignment with other RH security guides and customer requests.
      https://docs.openshift.com/container-platform/4.10/security/index.html

      Documentation that is missing: Communication flow matrix with a list of open ports / listening ports and purpose (see RFE-2763). 

      3. Why does the customer need this? (List the business requirements here)
      Customers and partners need this information to be available and updated for every release as input to their security posture management of their OpenShift Platform Plus deployments.

      4. List any affected packages or components.
      OpenShift core platform
      Advanced Cluster Management
      Advanced Cluster Securty
      Quay
      OpenShift Data Foundation

              sstout@redhat.com Stephanie Stout
              rh-ee-masimonm Maria Simon Marcos
              Hari Rakotoranto, Robert Love, Yuval Kashtan
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated: