From 4bda263f5ebab1d8e384061c89908a8802c3df85 Mon Sep 17 00:00:00 2001 From: Rita Watson Date: Tue, 22 Aug 2023 17:03:08 -0700 Subject: [PATCH 1/3] Add infobox --- .../06-cluster-management/03-compliance-scan.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/content/docs/04-clusters/06-cluster-management/03-compliance-scan.md b/content/docs/04-clusters/06-cluster-management/03-compliance-scan.md index a6d39f21d5..db962ced2e 100644 --- a/content/docs/04-clusters/06-cluster-management/03-compliance-scan.md +++ b/content/docs/04-clusters/06-cluster-management/03-compliance-scan.md @@ -17,6 +17,14 @@ Palette provides a way to run compliance, security, conformance, and software bi Palette supports four types of scans. Each scan generates reports with details specific to the type of scan. You can initiate multiple scans of each type over time. In addition, Palette keeps a history of previous scans for comparison purposes. To learn more about each scan type, refer to the following sections. +
+ + + +Scans may not work as expected when a node is in maintainence mode. Before scheduling a scan, we recommend you turn off maintenance mode if it is enabled. To verify if a node is in maintenance mode, navigate to **Clusters** > **Nodes** and check the **Health** column for a **Maintenance mode** icon. To turn off maintenance mode, click the **three-dot** Menu in the row of the node you want to scan, and select **Turn off maintenance mode**. + + + # Configuration Security This scan examines the compliance of deployed Kubernetes security features against the CIS Kubernetes Benchmarks. CIS Kubernetes Benchmarks are consensus-driven security guidelines for the Kubernetes. Different releases of the CIS benchmark cover different releases of Kubernetes. By default, Kubernetes configuration security will determine the test set based on the Kubernetes version running on the cluster being scanned. Internally, Palette leverages an open-source tool called KubeBench from Aqua Security to perform this scan. Scans are run against master and worker nodes of the Kubernetes cluster, and a combined report is made available on the UI. Users can filter the report to view only the master or worker results if required. From f9d5eeb7e16d83e0462108b332fcdcc8ca4bec24 Mon Sep 17 00:00:00 2001 From: Rita Watson Date: Tue, 22 Aug 2023 17:12:41 -0700 Subject: [PATCH 2/3] Fix typo --- .../04-clusters/06-cluster-management/03-compliance-scan.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/docs/04-clusters/06-cluster-management/03-compliance-scan.md b/content/docs/04-clusters/06-cluster-management/03-compliance-scan.md index db962ced2e..396b239d80 100644 --- a/content/docs/04-clusters/06-cluster-management/03-compliance-scan.md +++ b/content/docs/04-clusters/06-cluster-management/03-compliance-scan.md @@ -21,7 +21,7 @@ Palette supports four types of scans. Each scan generates reports with details s -Scans may not work as expected when a node is in maintainence mode. Before scheduling a scan, we recommend you turn off maintenance mode if it is enabled. To verify if a node is in maintenance mode, navigate to **Clusters** > **Nodes** and check the **Health** column for a **Maintenance mode** icon. To turn off maintenance mode, click the **three-dot** Menu in the row of the node you want to scan, and select **Turn off maintenance mode**. +Scans may not work as expected when a node is in maintenance mode. Before scheduling a scan, we recommend you turn off maintenance mode if it is enabled. To verify if a node is in maintenance mode, navigate to **Clusters** > **Nodes** and check the **Health** column for a **Maintenance mode** icon. To turn off maintenance mode, click the **three-dot** Menu in the row of the node you want to scan, and select **Turn off maintenance mode**. From b9afc3d0966a8b662de6569d0cc553da03242aaa Mon Sep 17 00:00:00 2001 From: Rita Watson <117382432+ritawatson@users.noreply.github.com> Date: Wed, 23 Aug 2023 08:36:40 -0700 Subject: [PATCH 3/3] Update content/docs/04-clusters/06-cluster-management/03-compliance-scan.md Co-authored-by: Karl Cardenas --- .../04-clusters/06-cluster-management/03-compliance-scan.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/docs/04-clusters/06-cluster-management/03-compliance-scan.md b/content/docs/04-clusters/06-cluster-management/03-compliance-scan.md index 396b239d80..eb7d030ce6 100644 --- a/content/docs/04-clusters/06-cluster-management/03-compliance-scan.md +++ b/content/docs/04-clusters/06-cluster-management/03-compliance-scan.md @@ -21,7 +21,7 @@ Palette supports four types of scans. Each scan generates reports with details s -Scans may not work as expected when a node is in maintenance mode. Before scheduling a scan, we recommend you turn off maintenance mode if it is enabled. To verify if a node is in maintenance mode, navigate to **Clusters** > **Nodes** and check the **Health** column for a **Maintenance mode** icon. To turn off maintenance mode, click the **three-dot** Menu in the row of the node you want to scan, and select **Turn off maintenance mode**. +Scans may not work as expected when a node is in maintenance mode. Before scheduling a scan, we recommend you turn off maintenance mode if enabled. To verify if a node is in maintenance mode, navigate to **Clusters** > **Nodes** and check the **Health** column for a **Maintenance mode** icon. To turn off maintenance mode, click on the **three-dot Menu** in the row of the node you want to scan, and select **Turn off maintenance mode**.