Open kiran0432 opened 2 days ago
Can you guys help me build a hardened container base operating system, or suggest whether there is any solution for the above issues?
Thanks for reaching out. This repo doesn't contain any support for Amazon Linux 2. Amazon adds this content during their build process. My suggestion would be to use the content from the `scap-security-guide` package in Amazon Linux 2.
I will note that we do have content for Amazon Linux 2023 in this repo.
Hi, I am a little bit confused. When you say "My suggestion would be to use the content from the scap-security-guide package in Amazon Linux 2.", can you elaborate more? I am setting this up for the first time, so I am not sure about that part.
Also, is there any possibility that, though we are using AL2 as the base image in the Dockerfile, we can use RHEL9 content to scan CIS benchmarks for AL2, since it is mostly a RHEL/CentOS flavour?
The `scap-security-guide` package installed with `yum` places the data stream XML files in `/usr/share/xml/scap/ssg/content/`. There should be a data stream for Amazon Linux 2 there.
You can't use RHEL content for Amazon Linux 2 since all data streams check if they are on the correct operating system. If they are not, all checks will result in "Not Applicable". I will note that AL2 is more like RHEL7 than RHEL9.
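The "Not Applicable" behaviour described above can be detected mechanically, so that a scan run with the wrong content does not pass as a clean result. The following is an added example, not code from this thread or from the ComplianceAsCode project; it assumes the scan wrote an XCCDF 1.2 results file (for example with `oscap xccdf eval --results`), and the sample documents and rule ids are constructed.

```python
import xml.etree.ElementTree as ET
from collections import Counter

NS = "{http://checklists.nist.gov/xccdf/1.2}"  # XCCDF 1.2 namespace


def make_results(outcomes):
    """Build a constructed XCCDF results document (demo input, not real scan output)."""
    rules = "".join(
        f'<rule-result idref="xccdf_org.example_rule_r{i}">'
        f"<result>{outcome}</result></rule-result>"
        for i, outcome in enumerate(outcomes)
    )
    return (
        '<Benchmark xmlns="http://checklists.nist.gov/xccdf/1.2">'
        f'<TestResult id="xccdf_org.example_testresult_demo">{rules}</TestResult>'
        "</Benchmark>"
    )


# Constructed samples: content for another OS vs. content matching the image.
SAMPLE_WRONG_OS = make_results(["notapplicable"] * 3 + ["notselected"])
SAMPLE_RIGHT_OS = make_results(["pass", "fail", "notapplicable", "notselected"])


def summarize(xml_text):
    """Count rule-result outcomes (pass, fail, notapplicable, ...) in a results file."""
    counts = Counter()
    for rule_result in ET.fromstring(xml_text).iter(NS + "rule-result"):
        result = rule_result.find(NS + "result")
        if result is not None and result.text:
            counts[result.text.strip()] += 1
    return counts


def platform_mismatch(counts):
    """True when every rule selected by the profile came back notapplicable."""
    # "notselected" rules are outside the chosen profile and say nothing about the OS.
    evaluated = sum(n for outcome, n in counts.items() if outcome != "notselected")
    return evaluated > 0 and counts["notapplicable"] == evaluated


if __name__ == "__main__":
    for name, doc in (("wrong-os", SAMPLE_WRONG_OS), ("right-os", SAMPLE_RIGHT_OS)):
        counts = summarize(doc)
        status = "PLATFORM MISMATCH" if platform_mismatch(counts) else "ok"
        print(f"{name}: {dict(counts)} -> {status}")
```

Run in a build pipeline, a check like this turns a scan with zero failures and zero evaluated rules into a failed build instead of a false pass.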
Hello Team,
As part of our security governance program, we need to build a hardened Docker base OS using amazon linux:2. I could not find any tool or software for this, but I found this ComplianceAsCode project. While using it, I am getting the below error.
Error : ERROR [5/9] RUN cd /opt/scap-security-guide && make -j$(nproc) build-amazon-linux-2 && make -j$(nproc) amazon-linux-2/guides/ssg-amazon-linux-2-cis.xml
Note: This is for a container base OS, not for a standalone server (EC2 OS).
Code I am using: