Skip to content

Commit

Permalink
Merge pull request #10787 from rhmdnd/implement-cis-ocp-5-5
Browse files Browse the repository at this point in the history
Implement rules for CIS OCP Section 5.5
  • Loading branch information
rhmdnd authored Jul 14, 2023
2 parents 56af40d + afa2bfa commit 59fb3ad
Show file tree
Hide file tree
Showing 5 changed files with 12 additions and 4 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@ ocil: |-
make sure the output is not empty and matches the registries that you wish to allow.
references:
cis@ocp4: '5.5.1'
nist: CM-5(3),CM-7(2),CM-7(5),CM-11
srg: SRG-APP-000456-CTR-001125

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ rationale: |-
severity: medium

references:
cis@ocp4: '5.5.1'
nist: CM-5(3),CM-7(2),CM-7(5),CM-11
srg: SRG-APP-000456-CTR-001125

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ identifiers:
cce@ocp4: CCE-86235-9

references:
cis@ocp4: '5.5.1'
nist: CM-5(3)
srg: SRG-APP-000014-CTR-000035

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ identifiers:
cce@ocp4: CCE-86123-7

references:
cis@ocp4: '5.5.1'
nist: CM-5(3)
srg: SRG-APP-000014-CTR-000035

Expand Down
12 changes: 8 additions & 4 deletions controls/cis_ocp_1_4_0/section-5.yml
Original file line number Diff line number Diff line change
Expand Up @@ -147,14 +147,18 @@ controls:
levels: level_2
- id: '5.5'
title: Extensible Admission Control
status: pending
status: automated
rules: []
controls:
- id: 5.5.1
title: Configure Image Provenance using image controller configuration parameters
status: pending
rules: []
levels: level_2
status: automated
rules:
- ocp_allowed_registries
- ocp_allowed_registries_for_import
- ocp_insecure_registries
- ocp_insecure_allowed_registries_for_import
level: level_2
- id: '5.7'
title: General Policies
status: partial
Expand Down

0 comments on commit 59fb3ad

Please sign in to comment.