Merge pull request #366 from YiscahLevySilas1/subsections

feat:add controlIDs to cis-aks fw subsections
kubescape · Apr 17, 2023 · 8a961f5 · 8a961f5
2 parents a1ae22b + f1d5d8b
commit 8a961f5
Showing 1 changed file with 31 additions and 14 deletions.
diff --git a/frameworks/cis-aks-t1.2.0.json b/frameworks/cis-aks-t1.2.0.json
@@ -431,13 +431,13 @@
                 "name": "CIS-5.2.1 Prefer using dedicated AKS Service Accounts"
             }
         },
-	{
+        {
             "controlID": "C-0240",
             "patch": {
                 "name": "CIS-5.4.4 Ensure Network Policy is Enabled and set as appropriate"
             }
         },
-	{
+        {
             "controlID": "C-0241",
             "patch": {
                 "name": "CIS-5.2.2 Use Azure RBAC for Kubernetes Authorization"
@@ -467,7 +467,7 @@
                 "name": "CIS-5.4.5 Encrypt traffic to HTTPS load balancers with TLS certificates"
             }
         },
-	{
+        {
             "controlID": "C-0247",
             "patch": {
                 "name": "CIS-5.4.1 Restrict Access to the Control Plane Endpoint"
@@ -501,14 +501,14 @@
             "controlID": "C-0252",
             "patch": {
                 "name": "CIS-5.4.2 Ensure clusters are created with Private Endpoint Enabled and Public Access Disabled"
-	    }
-	},
+            }
+        },
         {
             "controlID": "C-0253",
             "patch": {
                 "name": "CIS-2.1.1 Enable audit Logs"
-	    }
-	}
+            }
+        }
     ],
     "subSections": {
         "2": {
@@ -518,7 +518,9 @@
                 "1": {
                     "name": "Logging",
                     "id": "2.1",
-                    "controlsIDs": []
+                    "controlsIDs": [
+                        "C-0253"
+                    ]
                 }
             }
         },
@@ -630,25 +632,37 @@
                     "name": "Image Registry and Image Scanning",
                     "id": "5.1",
                     "controlsIDs": [
-                        "C-0078"
+                        "C-0078",
+                        "C-0243",
+                        "C-0250",
+                        "C-0251"
                     ]
                 },
                 "2": {
                     "name": "Access and identity options for Azure Kubernetes Service (AKS)",
                     "id": "5.2",
                     "controlsIDs": [
-                        "C-0239"
+                        "C-0239",
+                        "C-0241"
                     ]
                 },
                 "3": {
                     "name": "Key Management Service (KMS)",
                     "id": "5.3",
-                    "controlsIDs": []
+                    "controlsIDs": [
+                        "C-0244"
+                    ]
                 },
                 "4": {
                     "name": "Cluster Networking",
                     "id": "5.4",
-                    "controlsIDs": []
+                    "controlsIDs": [
+                        "C-0240",
+                        "C-0245",
+                        "C-0247",
+                        "C-0248",
+                        "C-0252"
+                    ]
                 },
                 "5": {
                     "name": "Authentication and Authorization",
@@ -660,9 +674,12 @@
                 "6": {
                     "name": "Other Cluster Configurations",
                     "id": "5.6",
-                    "controlsIDs": []
+                    "controlsIDs": [
+                        "C-0242",
+                        "C-0249"
+                    ]
                 }
             }
         }
     }
-}
+}