Skip to content

Commit

Permalink
CKV_K8S_110 (#141)
Browse files Browse the repository at this point in the history
  • Loading branch information
@hadarpl @actions-user
hadarpl authored and actions-user committed Mar 17, 2021
1 parent c2fc3bc commit d3c51d1
Show file tree
Hide file tree
Showing 3 changed files with 16 additions and 15 deletions.
2 changes: 1 addition & 1 deletion checkov/version.py
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
version = '1.0.898'
version = '1.0.899'
27 changes: 14 additions & 13 deletions docs/3.Scans/resource-scans.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -647,19 +647,20 @@ nav_order: 1
| 636 | CKV_K8S_106 | PodSecurityPolicy | containers | Ensure that the --terminated-pod-gc-threshold argument is set as appropriate | Kubernetes |
| 637 | CKV_K8S_107 | PodSecurityPolicy | containers | Ensure that the --profiling argument is set to false | Kubernetes |
| 638 | CKV_K8S_108 | PodSecurityPolicy | containers | Ensure that the --use-service-account-credentials argument is set to true | Kubernetes |
| 639 | CKV_K8S_114 | PodSecurityPolicy | containers | Ensure that the --profiling argument is set to false | Kubernetes |
| 640 | CKV_K8S_115 | PodSecurityPolicy | containers | Ensure that the --bind-address argument is set to 127.0.0.1 | Kubernetes |
| 641 | CKV_K8S_116 | PodSecurityPolicy | containers | Ensure that the --cert-file and --key-file arguments are set as appropriate | Kubernetes |
| 642 | CKV_K8S_121 | PodSecurityPolicy | Pod | Ensure that the --peer-client-cert-auth argument is set to true | Kubernetes |
| 643 | CKV_K8S_138 | PodSecurityPolicy | containers | Ensure that the --anonymous-auth argument is set to false | Kubernetes |
| 644 | CKV_K8S_139 | PodSecurityPolicy | containers | Ensure that the --authorization-mode argument is not set to AlwaysAllow | Kubernetes |
| 645 | CKV_K8S_146 | PodSecurityPolicy | containers | Ensure that the --hostname-override argument is not set | Kubernetes |
| 646 | CKV_K8S_147 | PodSecurityPolicy | containers | Ensure that the --event-qps argument is set to 0 or a level which ensures appropriate event capture | Kubernetes |
| 647 | CKV_K8S_149 | PodSecurityPolicy | containers | Ensure that the --rotate-certificates argument is not set to false | Kubernetes |
| 648 | CKV_K8S_150 | PodSecurityPolicy | containers | Ensure that the RotateKubeletServerCertificate argument is set to true | Kubernetes |
| 649 | CKV_K8S_151 | PodSecurityPolicy | containers | Ensure that the Kubelet only makes use of Strong Cryptographic Ciphers | Kubernetes |
| 650 | CKV_LIN_1 | provider | linode | Ensure no hard coded Linode tokens exist in provider | Terraform |
| 651 | CKV_LIN_2 | resource | linode_instance | Ensure SSH key set in authorized_keys | Terraform |
| 639 | CKV_K8S_110 | PodSecurityPolicy | containers | Ensure that the --service-account-private-key-file argument is set as appropriate | Kubernetes |
| 640 | CKV_K8S_114 | PodSecurityPolicy | containers | Ensure that the --profiling argument is set to false | Kubernetes |
| 641 | CKV_K8S_115 | PodSecurityPolicy | containers | Ensure that the --bind-address argument is set to 127.0.0.1 | Kubernetes |
| 642 | CKV_K8S_116 | PodSecurityPolicy | containers | Ensure that the --cert-file and --key-file arguments are set as appropriate | Kubernetes |
| 643 | CKV_K8S_121 | PodSecurityPolicy | Pod | Ensure that the --peer-client-cert-auth argument is set to true | Kubernetes |
| 644 | CKV_K8S_138 | PodSecurityPolicy | containers | Ensure that the --anonymous-auth argument is set to false | Kubernetes |
| 645 | CKV_K8S_139 | PodSecurityPolicy | containers | Ensure that the --authorization-mode argument is not set to AlwaysAllow | Kubernetes |
| 646 | CKV_K8S_146 | PodSecurityPolicy | containers | Ensure that the --hostname-override argument is not set | Kubernetes |
| 647 | CKV_K8S_147 | PodSecurityPolicy | containers | Ensure that the --event-qps argument is set to 0 or a level which ensures appropriate event capture | Kubernetes |
| 648 | CKV_K8S_149 | PodSecurityPolicy | containers | Ensure that the --rotate-certificates argument is not set to false | Kubernetes |
| 649 | CKV_K8S_150 | PodSecurityPolicy | containers | Ensure that the RotateKubeletServerCertificate argument is set to true | Kubernetes |
| 650 | CKV_K8S_151 | PodSecurityPolicy | containers | Ensure that the Kubelet only makes use of Strong Cryptographic Ciphers | Kubernetes |
| 651 | CKV_LIN_1 | provider | linode | Ensure no hard coded Linode tokens exist in provider | Terraform |
| 652 | CKV_LIN_2 | resource | linode_instance | Ensure SSH key set in authorized_keys | Terraform |


---
Expand Down
2 changes: 1 addition & 1 deletion kubernetes/requirements.txt
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
checkov==1.0.898
checkov==1.0.899

0 comments on commit d3c51d1

Please sign in to comment.