{ “id”: “4.2.1”, “text”: “Ensure that the anonymous-auth argument is set to false (Automated)”, “audit”: “/bin/ps -fC kubelet”, “audit_config”: “/bin/cat $kubeletconf”, “tests”: {
"test_items": [
{
"flag": "--anonymous-auth",
"path": "{.authentication.anonymous.enabled}",
"compare": {
"op": "eq",
"value": false
}
}
]
},
“remediation”: “\nIf using a Kubelet config file, edit the file to set authentication: anonymous: enabled to\nfalse.\nIf using executable arguments, edit the kubelet service file\n$kubeletsvc on each worker node and\nset the below parameter in KUBELET_SYSTEM_PODS_ARGS variable.\n–anonymous-auth=false\nBased on your system, restart the kubelet service. For example:\nsystemctl daemon-reload\nsystemctl restart kubelet.service”,
“scored”: true
}
内容由零声教学AI助手提供,问题来源于学员提问
