Kubernetes

TEMPLATE kubernetes_machine_config_file
Macro which generates Kubernetes remediation in MachineConfig format:

  • path (String): Path to the configuration file.

  • file_permissions_mode (String): File permissions to be applied to the file represented by path argument

  • source_content (String): The source of the content to be applied.

kubernetes_machine_config_file(path=’’, file_permissions_mode=’’, source=’’)

TEMPLATE kubernetes_machine_config_file_with_dependencies

Macro which generates Kubernetes remediation in MachineConfig format with dependencies reflected:

  • path (String): Path to the configuration file.

  • file_permissions_mode (String): File permissions to be applied to the file represented by path argument

  • source_content (String): The source of the content to be applied.

  • deps (list): The list of dependencies for this remediation to be applies (they’re XCCDF IDs)

kubernetes_machine_config_file_with_dependencies(path=’’, file_permissions_mode=’’, source=’’, deps=[])

TEMPLATE kubernetes_sshd_set

High level macro to generate Kubernetes remediation to set the ssh daemon configuration file.

kubernetes_sshd_set()

TEMPLATE kubernetes_usbguard_set

High level macro to generate Kubernetes remediation to set the usbguard daemon configuration file.

kubernetes_usbguard_set(deps=[])

TEMPLATE kubernetes_machineconfig_audit_add_syscall_rule

Macro to generate MachineConfig adding an auditd rule for syscall watching

kubernetes_machineconfig_audit_add_syscall_rule(path=’’, syscalls=[], key=’’, fields=’’)

TEMPLATE kubernetes_machineconfig_ospp_audit_rules

Macro to generate MachineConfig setting OSPP audit rules

kubernetes_machineconfig_ospp_audit_rules()

TEMPLATE kubernetes_machineconfig_logrotate_config

Macro to generate MachineConfig setting our recommended logrotate.conf

kubernetes_machineconfig_logrotate_config()

TEMPLATE kubernetes_machineconfig_auditd_config

Macro to generate MachineConfig setting our recommended auditd.conf

kubernetes_machineconfig_auditd_config()

TEMPLATE kubernetes_machineconfig_chrony_config

Macro to generate MachineConfig setting our recommended chrony.conf

kubernetes_machineconfig_chrony_config()