OpenShift Request For Enhancement: RFE-5877

RHACS: Compliance - Support for AWS EKS CIS Benchmarks


      Problem: What problem is the customer trying to solve?

      • Person A from Company X has reached out to us mentioning that they currently find the CIS benchmarks for Kubernetes useful (for pure/local clusters), but wanted to know if there is an ETA for AWS EKS CIS benchmarks support.
      • Person B from Company X would like to know the release date for:
        1. Kubernetes CIS compliance v1.20
        2. Kubernetes CIS compliance v1.23
        3. Amazon EKS CIS compliance V1.0.1
        4. Azure AKS CIS compliance v1.1.0
        5. Google GKS CIS compliance v1.2.0

      Solution: What is the specific feature request?

      • At the current moment, we don't support CIS Benchmarks for AWS EKS. It would be great to get CIS benchmark support for this Kubernetes distribution (and probably also GKE CIS Benchmarks for GCP?)

      Urgency: What is this feature currently blocking?

      • Comment from Person A from Customer X:

      > * Our production environment runs on EKS, and this is critical infrastructure for our FedRAMP products.
      > * Support for CIS benchmark scanning on EKS is a top priority for us.

      • Comment from Person B from Customer X:

      > * Managed Kubernetes is a widely used service across the majority of cloud providers. I want to point out the below chart from Datadog.

      > * Are you saying that the StackRox team is not interested in supporting compliance scans for more than 50% of k8s deployment across the 3 public cloud providers?

      > * We just deployed StackRox in a GovCloud/FedRAMP environment. CIS is a mandatory requirement for FedRAMP certification. We had to manually build reports of CIS compliance to support ourselves.

      > * Who do I need to talk to to change their mind here?

      Timeline: How long can we take to release this feature before it will cause friction with the customer?

      • Comment from Person A from Customer X:

      > * Our production environment runs on EKS, and this is critical infrastructure for our FedRAMP products.
      > * Support for CIS benchmark scanning on EKS is a top priority for us.

      • Comment from Person B from Customer X:

      > * Managed Kubernetes is a widely used service across the majority of cloud providers. I want to point out the below chart from Datadog.

      > * Are you saying that the StackRox team is not interested in supporting compliance scans for more than 50% of k8s deployment across the 3 public cloud providers?

      > * We just deployed StackRox in a GovCloud/FedRAMP environment. CIS is a mandatory requirement for FedRAMP certification. We had to manually build reports of CIS compliance to support ourselves.

      > * Who do I need to talk to to change their mind here?

              rh-ee-masimonm Maria Simon Marcos
              dcaspin@redhat.com Doron Caspin