github.com/khulnasoft-lab/kube-bench@v0.2.1-0.20240330183753-9df52345ae58/docs/architecture.md

github.com/khulnasoft-lab/kube-bench@v0.2.1-0.20240330183753-9df52345ae58/docs/architecture.md (about)

     1  ## Test config YAML representation
     2  
     3  The tests (or "controls") are maintained in YAML documents. There are different versions of these test YAML files reflecting different [versions and platforms of the CIS Kubernetes Benchmark](./platforms.md). You will find more information about the test file YAML definitions in our [controls documentation](./controls.md).
     4  
     5  ## Kube-bench benchmarks
     6  
     7  The test files for the various versions of Benchmarks can be found in directories
     8  with same name as the Benchmark versions under the `cfg` directory next to the kube-bench executable, 
     9  for example `./cfg/cis-1.5` will contain all test files for [CIS Kubernetes Benchmark v1.5.1](https://workbench.cisecurity.org/benchmarks/4892) which are:
    10  master.yaml, controlplane.yaml, node.yaml, etcd.yaml, policies.yaml and config.yaml 
    11  
    12  Check the contents of the benchmark directory under `cfg` to see which targets are available for that benchmark. Each file except `config.yaml` represents a target (also known as a `control` in other parts of this documentation). 
    13  
    14  The following table shows the valid targets based on the CIS Benchmark version.
    15  
    16  | CIS Benchmark        | Targets |
    17  |----------------------|---------|
    18  | cis-1.5              | master, controlplane, node, etcd, policies |
    19  | cis-1.6              | master, controlplane, node, etcd, policies |
    20  | cis-1.20             | master, controlplane, node, etcd, policies |
    21  | cis-1.23             | master, controlplane, node, etcd, policies |
    22  | cis-1.24             | master, controlplane, node, etcd, policies |
    23  | cis-1.7              | master, controlplane, node, etcd, policies |
    24  | cis-1.8              | master, controlplane, node, etcd, policies |
    25  | gke-1.0              | master, controlplane, node, etcd, policies, managedservices |
    26  | gke-1.2.0            | controlplane, node, policies, managedservices |
    27  | eks-1.0.1            | controlplane, node, policies, managedservices |
    28  | eks-1.1.0            | controlplane, node, policies, managedservices |
    29  | eks-1.2.0            | controlplane, node, policies, managedservices |
    30  | ack-1.0              | master, controlplane, node, etcd, policies, managedservices |
    31  | aks-1.0              | controlplane, node, policies, managedservices |
    32  | rh-0.7               | master,node|
    33  | rh-1.0               | master, controlplane, node, etcd, policies |
    34  | cis-1.6-k3s          | master, controlplane, node, etcd, policies |
    35  | cis-1.24-microk8s    | master, controlplane, node, etcd, policies |
    36  
    37  The following table shows the valid DISA STIG versions
    38  
    39  | STIG                       | Targets |
    40  |----------------------------|---------|
    41  | eks-stig-kubernetes-v1r6   | master, controlplane, node, policies, managedservices |
    42  
    43