Back

Configure the "encryption-provider-config" argument to organizational standards.


CONTROL ID
14587
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Configure "Kubernetes" to organizational standards., CC ID: 14528

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • Ensure that the --encryption-provider-config argument is set as appropriate Description: Encrypt etcd key-value store. Rationale: etcd is a highly available key-value store used by Kubernetes deployments for persistent storage of all of its REST API objects. These objects are sensitive in nature and… (1.2.33, The Center for Internet Security Kubernetes Level 1 Master Node Benchmark, v 1.6.0)
  • Ensure that the --encryption-provider-config argument is set as appropriate Description: Encrypt etcd key-value store. Rationale: etcd is a highly available key-value store used by Kubernetes deployments for persistent storage of all of its REST API objects. These objects are sensitive in nature and… (1.2.33, The Center for Internet Security Kubernetes Level 2 Master Node Benchmark, v 1.6.0)