feat: add CIS GKE 1.9.0 configuration files and controls#2002
Open
jesayafn wants to merge 16 commits intoaquasecurity:mainfrom
Open
feat: add CIS GKE 1.9.0 configuration files and controls#2002jesayafn wants to merge 16 commits intoaquasecurity:mainfrom
jesayafn wants to merge 16 commits intoaquasecurity:mainfrom
Conversation
Collaborator
|
@jesayafn thanks for your contribution! |
Author
|
Hi @afdesk I've added the trailing space fix |
afdesk
requested changes
Feb 20, 2026
| --flatten="bindings[].members" \ | ||
| --format='table(bindings.members,bindings.role)' \ | ||
| --filter="bindings.role:roles/storage.admin OR bindings.role:roles/storage.objectAdmin OR bindings.role:roles/storage.objectCreator OR bindings.role:roles/storage.legacyBucketOwner OR bindings.role:roles/storage.legacyBucketWriter OR bindings.role:roles/storage.legacyObjectOwner" | ||
| type: "manual" |
Author
There was a problem hiding this comment.
Keep it manual as long as the source states it's manual
Collaborator
|
@jesayafn thanks a lot for your efforts! @LaibaBareera WDYT? |
Author
|
Hi @afdesk. I added commits, kindly review |
Collaborator
|
@jesayafn thanks for your efforts! |
…anaged services section to follow current document
…olicies section to follow current document, and update version field in all related config file
…cies configuration files
…forms documentation
…ude automated audit and remediation steps Need Google CLI in the same host or pod with proper permission on the service account or user account to run `serviceusage.services.list`. Co-authored-by: GitHub Copilot <noreply@github.com>
…heck and remove redundant remediation section
…th automated audit and scoring Needed permission for audit command: - `container.nodePools.get` in case the NODE_POOL variable is not set - `container.clusters.get` Co-authored-by: GitHub Copilot <noreply@github.com>
jesayafn
force-pushed
the
dev/cis-gke-1.9.0
branch
from
68448da to
ae2ee04
Compare
Author
Collaborator
Collaborator
|
@jesayafn there are some linter errors... |
Collaborator
|
…dd new at the end of file on config.yaml
Author
|
I added a fix following the linter error feedback. Kindly check @afdesk |
Collaborator
|
@jesayafn can you rebase this branch with main |
Collaborator
|
@jesayafn , |
pgx CVE-2026-33816 (memory-safety) CRITICAL cleared (≥ v5.9.0) pgx GHSA-j88v-2chj-qfwx (SQLi) LOW cleared (≥ v5.9.2)
…rsion (v0.10.0, v0.14, v0.15.0) instead of k3s-cis-1.8 tests (aquasecurity#2086)
Author
|
@LaibaBareera Kindly check my recent changes and rebase |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
feat: add CIS GKE 1.9.0 configuration files and controls
Changelog