diff --git a/docs/architecture.md b/docs/architecture.md index c65978f0a..70cdbf02d 100644 --- a/docs/architecture.md +++ b/docs/architecture.md @@ -5,11 +5,11 @@ The tests (or "controls") are maintained in YAML documents. There are different ## Kube-bench benchmarks The test files for the various versions of Benchmarks can be found in directories -with same name as the Benchmark versions under the `cfg` directory next to the kube-bench executable, +with same name as the Benchmark versions under the `cfg` directory next to the kube-bench executable, for example `./cfg/cis-1.5` will contain all test files for [CIS Kubernetes Benchmark v1.5.1](https://workbench.cisecurity.org/benchmarks/4892) which are: -master.yaml, controlplane.yaml, node.yaml, etcd.yaml, policies.yaml and config.yaml +master.yaml, controlplane.yaml, node.yaml, etcd.yaml, policies.yaml and config.yaml -Check the contents of the benchmark directory under `cfg` to see which targets are available for that benchmark. Each file except `config.yaml` represents a target (also known as a `control` in other parts of this documentation). +Check the contents of the benchmark directory under `cfg` to see which targets are available for that benchmark. Each file except `config.yaml` represents a target (also known as a `control` in other parts of this documentation). The following table shows the valid targets based on the CIS Benchmark version. @@ -29,6 +29,7 @@ The following table shows the valid targets based on the CIS Benchmark version. | eks-1.0.1 | controlplane, node, policies, managedservices | | eks-1.1.0 | controlplane, node, policies, managedservices | | eks-1.2.0 | controlplane, node, policies, managedservices | +| eks-1.5.0 | controlplane, node, policies, managedservices | | ack-1.0 | master, controlplane, node, etcd, policies, managedservices | | aks-1.0 | controlplane, node, policies, managedservices | | rh-0.7 | master,node| diff --git a/docs/platforms.md b/docs/platforms.md index d6fbcf712..3f8cdba70 100644 --- a/docs/platforms.md +++ b/docs/platforms.md @@ -5,7 +5,7 @@ kube-bench supports running tests for Kubernetes. Most of our supported benchmarks are defined in one of the following: [CIS Kubernetes Benchmarks](https://www.cisecurity.org/benchmark/kubernetes/) [STIG Document Library](https://public.cyber.mil/stigs/downloads) - + Some defined by other hardenening guides. | Source | Kubernetes Benchmark | kube-bench config | Kubernetes versions | @@ -24,6 +24,7 @@ Some defined by other hardenening guides. | CIS | [EKS 1.0.1](https://workbench.cisecurity.org/benchmarks/6041) | eks-1.0.1 | EKS | | CIS | [EKS 1.1.0](https://workbench.cisecurity.org/benchmarks/6248) | eks-1.1.0 | EKS | | CIS | [EKS 1.2.0](https://workbench.cisecurity.org/benchmarks/9681) | eks-1.2.0 | EKS | +| CIS | [EKS 1.5.0](https://workbench.cisecurity.org/benchmarks/17733) | eks-1.5.0 | EKS | | CIS | [ACK 1.0.0](https://workbench.cisecurity.org/benchmarks/6467) | ack-1.0 | ACK | | CIS | [AKS 1.0.0](https://workbench.cisecurity.org/benchmarks/6347) | aks-1.0 | AKS | | RHEL | RedHat OpenShift hardening guide | rh-0.7 | OCP 3.10-3.11 |