Hi, can anyone please tell me what the meaning of “automated” and “manual” is, as defined in the CIS Kubernetes benchmark document?
I saw the definition of automated and manual in the same doc, but it is difficult to understand.
By “automated” - does it mean the system can automatically resolve this/vulnerability without any manual intervention? An example is appreciated.
Thanks
Deb
Thank you for the information, @Alistair_KodeKloud.
However, I am still not clear why some are classified as Manual while others as Automatic. For example, the below TC (1.1.21) is classified as manual, while another case (1.2.2), which is exactly similar to 1.1.21, is classified as Automatic.
Is 1.2.2 set as classified because the recommended steps can also be done via the “kubectl” command (defined in red)?
I’m afraid I don’t know any more than what it says on that page.
I can only interpret it to mean the following:
In the first case, 1.1.21, it looks at the files that are in /etc/kubernetes/pki and finds some that do not have the correct permissions, but cannot automatically verify that these files are really the keys being used by the cluster.
In 1.2.2, by connecting to the cluster directly to get the API server manifest, the automation can know that the cluster is incorrectly configured.
Thank you so much for sharing the information and your time, @Alistair_KodeKloud.