menuklion.blogg.se

CIS Benchmark for AWS EKS

Kube-bench has been added to the 3rd party integrations in AWS Security Hub.

AWS announcement: "AWS Security Hub adds open source tool integrations with Kube-bench and Cloud Custodian" (AWS What's New, 2020).

With this integration, the results of the CIS Kubernetes Benchmark and CIS Amazon EKS Benchmark checks run by kube-bench can now be centrally managed in AWS Security Hub.

What is CIS Benchmark?

CIS Benchmark is a set of guidelines published by the Center for Internet Security (CIS), a non-profit organization in the United States, for hardening various operating systems, servers, and cloud environments.

CIS Benchmark is referenced by compliance requirements such as PCI DSS where they call for "industry-accepted system hardening standards".

You can download over 140 CIS Benchmarks in PDF format from the CIS website.

What is kube-bench?

Kube-bench is a Go application that allows you to check if your environment complies with the recommendations listed in the CIS Kubernetes Benchmark. Kube-bench supports checking not only the CIS Kubernetes Benchmark, but also the CIS Amazon Elastic Kubernetes Service (EKS) Benchmark and CIS Google Kubernetes Engine (GKE) Benchmark.

What is AWS Security Hub?

AWS Security Hub is a service for aggregating and centrally managing various security data for the entire AWS environment. Data can be sent from Security Hub-enabled products to Security Hub and vice versa. Security Hub integrates with many 3rd party security products, as well as AWS services such as Amazon GuardDuty, Inspector, and Macie. Internally, the result information is managed in a JSON-based format called AWS Security Finding Format (ASFF), so you can import your own data as long as it conforms to this format.

I have confirmed that the following versions work.

I ran the CIS Amazon EKS Benchmark v1.0 check in an EKS cluster.

Search for kube-bench in the integrations section of the Security Hub console and click "Accept findings" to see information about the IAM policies required to send the findings to Security Hub.
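To show what "conforms to ASFF" means for data you import yourself, here is an added example (not code from this article or from kube-bench) that turns one benchmark check result into an ASFF finding and checks the attributes ASFF requires. The account ID, region, cluster name, input record shape and status-to-severity mapping are assumptions made for the example.

```python
from datetime import datetime, timezone

# Constructed placeholders: account, region and cluster name are not from the article.
ACCOUNT_ID, REGION = "111122223333", "us-east-1"
CLUSTER_ARN = f"arn:aws:eks:{REGION}:{ACCOUNT_ID}:cluster/example-cluster"
# Product ARN Security Hub provides for findings an account imports itself.
PRODUCT_ARN = f"arn:aws:securityhub:{REGION}:{ACCOUNT_ID}:product/{ACCOUNT_ID}/default"

ASFF_REQUIRED = ("SchemaVersion", "Id", "ProductArn", "GeneratorId", "AwsAccountId",
                 "Types", "CreatedAt", "UpdatedAt", "Severity", "Title",
                 "Description", "Resources")
SEVERITY_LABELS = {"INFORMATIONAL", "LOW", "MEDIUM", "HIGH", "CRITICAL"}
# Check status -> (Compliance.Status, Severity.Label); the severity choice is an assumption.
STATUS_MAP = {"PASS": ("PASSED", "INFORMATIONAL"), "FAIL": ("FAILED", "MEDIUM"),
              "WARN": ("WARNING", "LOW")}

def check_to_asff(check, now=None):
    """Build an ASFF finding from one check result (hypothetical input shape)."""
    compliance, severity = STATUS_MAP.get(check["status"], ("NOT_AVAILABLE", "INFORMATIONAL"))
    ts = (now or datetime.now(timezone.utc)).strftime("%Y-%m-%dT%H:%M:%SZ")
    return {
        "SchemaVersion": "2018-10-08",
        # Same Id on every run, so a rerun refers to the same finding.
        "Id": f"{CLUSTER_ARN}/cis-eks/{check['id']}",
        "ProductArn": PRODUCT_ARN,
        "GeneratorId": f"cis-eks-benchmark/{check['id']}",
        "AwsAccountId": ACCOUNT_ID,
        "Types": ["Software and Configuration Checks/Industry and Regulatory Standards/CIS"],
        "CreatedAt": ts, "UpdatedAt": ts,
        "Severity": {"Label": severity},
        "Title": f"{check['id']} {check['description']}"[:256],
        "Description": check["description"][:1024],
        "Compliance": {"Status": compliance},
        "Resources": [{"Type": "AwsEksCluster", "Id": CLUSTER_ARN, "Region": REGION}],
    }

def validate_asff(finding):
    """Check a subset of ASFF rules; return a list of problems (empty if none)."""
    problems = [f"missing {k}" for k in ASFF_REQUIRED if not finding.get(k)]
    label = finding.get("Severity", {}).get("Label")
    if label not in SEVERITY_LABELS:
        problems.append(f"invalid Severity.Label {label!r}")
    for res in finding.get("Resources", []):
        if not res.get("Type") or not res.get("Id"):
            problems.append("resource needs Type and Id")
    return problems

# Constructed sample result, not real kube-bench output.
SAMPLE = {"id": "9.9.9", "status": "FAIL",
          "description": "Constructed sample check: anonymous kubelet auth is disabled"}
```

Findings built this way are what the Security Hub `BatchImportFindings` API accepts, and the caller's IAM policy has to allow that action.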













