Loading...

XML

Word

Printable

Type: Feature Request
Resolution: Unresolved
Priority: Normal
Fix Version/s: None
Affects Version/s: None
Component/s: Compliance Operator, compliance-operator
Labels:
- automate_CIS

Target Version:
None
Activity Type:
Product / Portfolio Work
Status Summary:
None
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Products:
None
Hierarchy Progress Bar:
None

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

PX Review Complete:
PX Impact Score:
PX Impact Range:
PX Priority Data:
PX Technical Impact:
PX Technical Impact Notes:
PX Scheduling Request:
None

Description of problem:
Compliance rule ocp4-cis-accounts-unique-service-account is reported as "MANUAL" This Request is opened to have the ability to automate this verification.

Automated rule should be able to verify is a deployment is using the default SA or not.

Recommendation is not to use the default SA therefor if it's the case, the rule should fail.

Version-Release number of selected component (if applicable):
1.x

How reproducible:
always

Steps to Reproduce:
1. Create the scansettingbinding with CIS Benchmark profiles to verify
2. Check the results

Actual results:
Rule is not being verified in an automatic way

Expected results:
Rule should be able to verify if the default SA is being used or not

Additional info:

relates to

OCPBUGS-9252 Create an automated check for pods (not part of a replicated controller) that are running with the default SA

Closed

Assignee:: Lance Bragstad

Reporter:: Pamela Lizeth Escorza Gil

Need Info From:: None

Votes:: 1 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2023/11/15 9:58 PM

Updated:: 2025/08/02 1:29 PM

Target start:: None

Target end:: None

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates