Note: The CIS Kubernetes Benchmark v1.7.1 policy bundle is a preview release. This means that the functionality might change in backward-incompatible ways. A preview release is not subject to any SLA or deprecation policy and may receive limited or no support.
Use the CIS Kubernetes Benchmark v1.7.1 policy bundle with Policy Controller to evaluate the compliance of your cluster resources against the CIS Kubernetes Benchmark, which is a set of recommendations for configuring Kubernetes to support a robust security posture.
The accompanying CIS Kubernetes Benchmark tutorial provides more details.
These constraints are not certified by CIS.
This bundle requires Policy Controller v1.17.0 or higher.
kubectl kustomize https://github.com/GoogleCloudPlatform/gke-policy-library.git/anthos-bundles/cis-k8s-v1.7.1
kubectl apply -k https://github.com/GoogleCloudPlatform/gke-policy-library.git/anthos-bundles/cis-k8s-v1.7.1