Add a guide documentation for validating the Security Hardened Kubernetes ruleset against a Gardener Shoot Cluster #406

georgibaltiev · 2024-12-13T07:44:52Z

What this PR does / why we need it:
This PR adds an example configuration for running a compliance check with the Security Hardened Kubernetes ruleset for the managedk8s provider against a Gardener Shoot Cluster, as well as an .MD containing a step-by-step breakdown of the process.

Which issue(s) this PR fixes:
Part of #356

Special notes for your reviewer:

Release note:

georgibaltiev requested a review from a team as a code owner December 13, 2024 07:44

gardener-robot added needs/review Needs review size/l Size of pull request is large (see gardener-robot robot/bots/size.py) needs/second-opinion Needs second review by someone else labels Dec 13, 2024

georgibaltiev changed the title ~~Add guide documentation for validating the Security Hardened Kubernetes ruleset against a Gardener Shoot~~ Add a guide documentation for validating the Security Hardened Kubernetes ruleset against a Gardener Shoot Dec 13, 2024

georgibaltiev changed the title ~~Add a guide documentation for validating the Security Hardened Kubernetes ruleset against a Gardener Shoot~~ Add a guide documentation for validating the Security Hardened Kubernetes ruleset against a Gardener Shoot Cluster Dec 13, 2024

Add documents

3081c52

georgibaltiev force-pushed the add-security-hardened-k8s-documentation branch from f5d9acb to 3081c52 Compare December 13, 2024 10:22

gardener-robot-ci-1 added reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) and removed reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) labels Dec 13, 2024

Remove skipped rules

0d52274

gardener-robot-ci-2 added the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Dec 13, 2024

gardener-robot-ci-1 removed the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Dec 13, 2024

dimityrmirchev mentioned this pull request Dec 13, 2024

Allow selecting all volume names via wildcard "*" in rule 2003 from Security Hardened K8s #407

Open

Fix link pointing to the example configuration

e60686e

gardener-robot-ci-3 added the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Dec 16, 2024

gardener-robot-ci-2 removed the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Dec 16, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add a guide documentation for validating the Security Hardened Kubernetes ruleset against a Gardener Shoot Cluster #406

Add a guide documentation for validating the Security Hardened Kubernetes ruleset against a Gardener Shoot Cluster #406

georgibaltiev commented Dec 13, 2024

Add a guide documentation for validating the Security Hardened Kubernetes ruleset against a Gardener Shoot Cluster #406

Are you sure you want to change the base?

Add a guide documentation for validating the Security Hardened Kubernetes ruleset against a Gardener Shoot Cluster #406

Conversation

georgibaltiev commented Dec 13, 2024