Back

Configure the "peer-client-cert-auth" argument to organizational standards.


CONTROL ID
14614
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Configure "etcd" to organizational standards., CC ID: 14535

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • Ensure that the --peer-client-cert-auth argument is set to true Description: etcd should be configured for peer authentication. Rationale: etcd is a highly-available key value store used by Kubernetes deployments for persistent storage of all of its REST API objects. These objects are sensitive in n… (2.5, The Center for Internet Security Kubernetes Level 1 Master Node Benchmark, v 1.6.0)
  • Ensure that the --peer-client-cert-auth argument is set to true Description: etcd should be configured for peer authentication. Rationale: etcd is a highly-available key value store used by Kubernetes deployments for persistent storage of all of its REST API objects. These objects are sensitive in n… (2.5, The Center for Internet Security Kubernetes Level 2 Master Node Benchmark, v 1.6.0)