EKS checks for benchmark (1.0.1 and 1.1.0) are not correct

aquasecurity / kube-bench

Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark

Apache License 2.0

7.03k stars 1.22k forks source link

Open anupamtamrakar opened 2 years ago

anupamtamrakar commented 2 years ago

Lot of checks which are having Keyword '(Automated)' in the text description is actually having type 'manual'

We should check with official benchmark and update those checks accordingly

joebowbeer commented 2 years ago

See #1282

Automated text in the test description is an assessment, but some of these tests may be type: manual in practice.

I count 7 Automated tests in eks-1.1.0 Pod Security Policies that are type:manual.