github.com/khulnasoft-lab/kube-bench@v0.2.1-0.20240330183753-9df52345ae58/cfg/aks-1.0/controlplane.yaml

---
controls:
version: "aks-1.0"
id: 2
text: "Control Plane Configuration"
type: "controlplane"
groups:
  - id: 2.1
    text: "Logging"
    checks:
      - id: 2.1.1
        text: "Enable audit Logs"
        type: "manual"
        remediation: |
          Azure audit logs are enabled and managed in the Azure portal. To enable log collection for
          the Kubernetes master components in your AKS cluster, open the Azure portal in a web
          browser and complete the following steps:
          1. Select the resource group for your AKS cluster, such as myResourceGroup. Don't
          select the resource group that contains your individual AKS cluster resources, such
          as MC_myResourceGroup_myAKSCluster_eastus.
          2. On the left-hand side, choose Diagnostic settings.
          3. Select your AKS cluster, such as myAKSCluster, then choose to Add diagnostic setting.
          4. Enter a name, such as myAKSClusterLogs, then select the option to Send to Log Analytics.
          5. Select an existing workspace or create a new one. If you create a workspace, provide
          a workspace name, a resource group, and a location.
          6. In the list of available logs, select the logs you wish to enable. For this example,
          enable the kube-audit and kube-audit-admin logs. Common logs include the
          kube-apiserver, kube-controller-manager, and kube-scheduler. You can return and change
          the collected logs once Log Analytics workspaces are enabled.
          7. When ready, select Save to enable collection of the selected logs.
        scored: false
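
Added example, not part of kube-bench or of this file: check 2.1.1 is manual, but the outcome of the portal steps can be verified from the JSON printed by `az monitor diagnostic-settings list --resource <AKS cluster resource ID>`. The function name and the sample JSON are constructed for illustration, and the field names (`logs`, `category`, `enabled`, `workspaceId`) are assumed to match that command's output.

```python
import json

# Log categories the remediation text asks to enable (step 6).
REQUIRED = frozenset({"kube-audit", "kube-audit-admin"})

def audit_log_gaps(settings_json, required=REQUIRED):
    """Return the required categories not sent to a Log Analytics workspace.

    An empty set means the cluster satisfies check 2.1.1.
    """
    doc = json.loads(settings_json)
    # Assumption: some az CLI versions wrap the list as {"value": [...]}.
    settings = doc.get("value", []) if isinstance(doc, dict) else doc
    covered = set()
    for setting in settings:
        # Step 4 sends logs to Log Analytics; a setting with no workspaceId
        # (storage account or event hub only) does not count here.
        if not setting.get("workspaceId"):
            continue
        # Only per-category entries are counted; categoryGroup entries are ignored.
        for log in setting.get("logs") or []:
            if log.get("enabled") and log.get("category"):
                covered.add(log["category"])
    return set(required) - covered

# Constructed sample data (placeholder subscription ID and workspace name).
_WS = ("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/"
       "myResourceGroup/providers/Microsoft.OperationalInsights/workspaces/myWorkspace")
_OK = [{"name": "myAKSClusterLogs", "workspaceId": _WS, "logs": [
    {"category": "kube-audit", "enabled": True},
    {"category": "kube-audit-admin", "enabled": True},
    {"category": "kube-apiserver", "enabled": True}]}]
_GAP = [
    {"name": "myAKSClusterLogs", "workspaceId": _WS, "logs": [
        {"category": "kube-audit", "enabled": False},
        {"category": "kube-audit-admin", "enabled": True}]},
    # kube-audit is enabled here, but only to a storage account.
    {"name": "archive", "workspaceId": None, "storageAccountId": "placeholder",
     "logs": [{"category": "kube-audit", "enabled": True}]}]
SAMPLE_OK = json.dumps(_OK)
SAMPLE_GAP = json.dumps(_GAP)
SAMPLE_WRAPPED = json.dumps({"value": _OK})

if __name__ == "__main__":
    for label, sample in (("ok", SAMPLE_OK), ("gap", SAMPLE_GAP)):
        gaps = audit_log_gaps(sample)
        print(label, "PASS" if not gaps else "FAIL, missing: " + ", ".join(sorted(gaps)))
```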