accepted This benchmark provides prescriptive guidance for establishing a secure configuration posture for Kubernetes v1.28.0. This guide was tested against Kubernetes running on Linux. 1.8.0 This profile contains configuration checks that align to the CIS Kubernetes Benchmark Level 2 for master nodes. root k8s-control-01.example.com 192.168.2.101 k8s-control-01.example.com 192.168.2.101 Kubernetes 1.28.0 master 92.0 pass CIS-K8S-5.3.9 pass CIS-K8S-5.4.20 pass CIS-K8S-3.9.12 pass CIS-K8S-2.6.7 pass CIS-K8S-2.4.19 pass CIS-K8S-4.4.7 pass CIS-K8S-5.5.19 pass CIS-K8S-4.8.2 pass CIS-K8S-1.9.13 pass CIS-K8S-5.3.15 pass CIS-K8S-4.1.8 pass CIS-K8S-2.7.15 pass CIS-K8S-5.1.13 pass CIS-K8S-1.6.11 pass CIS-K8S-3.6.18 pass CIS-K8S-5.5.18 pass CIS-K8S-4.4.11 pass CIS-K8S-3.3.19 pass CIS-K8S-2.8.4 fail CIS-K8S-1.7.19 Check failed: control_plane_api_server_audit_log_path pass CIS-K8S-2.9.5 fail CIS-K8S-1.6.18 Check failed: control_plane_api_server_audit_log_maxbackup pass CIS-K8S-3.2.16 fail CIS-K8S-1.8.7 Check failed: control_plane_api_server_request_timeout pass CIS-K8S-2.7.5 pass CIS-K8S-4.2.15 pass CIS-K8S-2.4.18 pass CIS-K8S-2.5.3 pass CIS-K8S-2.8.6 pass CIS-K8S-5.7.1 pass CIS-K8S-2.3.17 pass CIS-K8S-5.8.5 pass CIS-K8S-1.5.7 pass CIS-K8S-4.2.2 pass CIS-K8S-4.2.2 pass CIS-K8S-4.1.13 pass CIS-K8S-3.1.18 pass CIS-K8S-5.3.6 pass CIS-K8S-1.7.15 pass CIS-K8S-1.1.9 pass CIS-K8S-2.9.17 fail CIS-K8S-5.1.2 Check failed: worker_node_kubelet_anonymous_auth pass CIS-K8S-3.3.19 pass CIS-K8S-5.4.8 pass CIS-K8S-1.6.9 fail CIS-K8S-5.9.7 Check failed: worker_node_kubelet_streaming_connection_idle_timeout pass CIS-K8S-3.6.13 pass CIS-K8S-3.5.20 pass CIS-K8S-4.8.13 pass CIS-K8S-3.4.15 pass CIS-K8S-4.2.5 pass CIS-K8S-2.1.17 fail CIS-K8S-2.9.10 Check failed: etcd_cert_file pass CIS-K8S-2.4.11 fail CIS-K8S-5.2.20 Check failed: etcd_auto_tls pass CIS-K8S-1.9.9 pass CIS-K8S-4.5.15 pass CIS-K8S-5.7.6 pass CIS-K8S-3.9.13 pass CIS-K8S-5.8.7 pass CIS-K8S-2.4.9