KonradSchieban
commented
3 years ago Hi @mattbowes , the numbering is based on the CIS GKE Benchmark 1.1.0 pdf (found here: https://www.cisecurity.org/cis-benchmarks/). It looks like the numbering on the link you referred to is not in sync with this doc. I will check why this is not the case.
@binamov fyi
Fixing KMS control ID. KMS should be 6.3 according to https://cloud.google.com/kubernetes-engine/docs/concepts/cis-benchmarks
6.3 | Cloud Key Management Service (Cloud KMS) 6.3.1 | Consider encrypting Kubernetes Secrets using keys managed in Cloud KMS | Scored | L1 | Not Default