Back

Configure the "RotateKubeletServerCertificate" argument to organizational standards.


CONTROL ID
14626
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Configure "Kubernetes" to organizational standards., CC ID: 14528

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • Verify that the RotateKubeletServerCertificate argument is set to true Description: Enable kubelet server certificate rotation. Rationale: `RotateKubeletServerCertificate` causes the kubelet to both request a serving certificate after bootstrapping its client credentials and rotate the certificate a… (4.2.12, The Center for Internet Security Kubernetes Level 1 Worker Node Benchmark, v 1.6.0)
  • Ensure that the RotateKubeletServerCertificate argument is set to true Description: Enable kubelet server certificate rotation on controller-manager. Rationale: RotateKubeletServerCertificate causes the kubelet to both request a serving certificate after bootstrapping its client credentials and rota… (1.3.6, The Center for Internet Security Kubernetes Level 2 Master Node Benchmark, v 1.6.0)
  • Verify that the RotateKubeletServerCertificate argument is set to true Description: Enable kubelet server certificate rotation. Rationale: `RotateKubeletServerCertificate` causes the kubelet to both request a serving certificate after bootstrapping its client credentials and rotate the certificate a… (4.2.12, The Center for Internet Security Kubernetes Level 2 Worker Node Benchmark, v 1.6.0)