CIS Kubernetes Benchmark
- Version: 1.10
- URL: https://www.cisecurity.org/benchmark/kubernetes
- Source of truth: pipeline_check/core/standards/data/cis_kubernetes.py
CIS Kubernetes Benchmark, Section 5 (Policies): workload security context, RBAC blast radius, NetworkPolicy posture, Secret hygiene, and namespace separation, that is, anything the Kubernetes provider can score from manifests on disk. The Section 1-4 control plane / node / etcd controls require live cluster access and are out of scope.
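To make "scored from manifests on disk" concrete, here is an added illustration of how a handful of the Section 5.1 / 5.2 / 5.7.3 checks listed on this page can be evaluated purely from a parsed manifest. It is example code written for this page, not pipeline_check's own check implementations: the check IDs and severities are taken from the tables below, but the function names, the Finding type and the two sample manifests are assumptions of the example (a real run would load YAML with PyYAML instead of using inline dicts). Two details worth noticing are that absence of a field counts as a finding (allowPrivilegeEscalation and automountServiceAccountToken must be explicitly false) and that pod-level securityContext is inherited by containers, so runAsNonRoot / seccompProfile are evaluated on the merged view.

```python
"""Manifest-only Kubernetes checks in the spirit of CIS Section 5 (illustration).

Added example for this page, not pipeline_check's own code.  Manifests are
plain dicts here (constructed sample input); a real scanner would yaml.safe_load
the files.  Check IDs / severities follow the tables on this page; everything
else (names, Finding type, sample manifests) is an assumption of the example.
"""
from __future__ import annotations

from dataclasses import dataclass
from typing import Iterator, Optional


@dataclass(frozen=True)
class Finding:
    check: str      # check ID as listed on this page
    severity: str   # severity as listed on this page
    resource: str   # kind/name[:container]
    detail: str


# Kinds whose pod spec lives under spec.template.spec
_TEMPLATED = {"Deployment", "StatefulSet", "DaemonSet", "Job", "ReplicaSet"}


def pod_spec(manifest: dict) -> Optional[dict]:
    """Locate the PodSpec for Pod, templated workloads and CronJob; None otherwise."""
    kind = manifest.get("kind")
    spec = manifest.get("spec") or {}
    if kind == "Pod":
        return spec
    if kind in _TEMPLATED:
        return (spec.get("template") or {}).get("spec") or {}
    if kind == "CronJob":
        job = (spec.get("jobTemplate") or {}).get("spec") or {}
        return (job.get("template") or {}).get("spec") or {}
    return None


def all_containers(spec: dict) -> Iterator[dict]:
    """Init, regular and ephemeral containers all run with their own securityContext."""
    for key in ("initContainers", "containers", "ephemeralContainers"):
        yield from spec.get(key) or []


def check_manifest(manifest: dict) -> list[Finding]:
    spec = pod_spec(manifest)
    if spec is None:
        return []  # not a workload; RBAC / Namespace / Secret checks live elsewhere
    name = f"{manifest['kind']}/{(manifest.get('metadata') or {}).get('name', '<unnamed>')}"
    out: list[Finding] = []

    # CIS 5.2.3 / 5.2.4 / 5.2.5: host namespace sharing is a pod-level flag
    for field, check in (("hostPID", "K8S-003"), ("hostIPC", "K8S-004"), ("hostNetwork", "K8S-002")):
        if spec.get(field) is True:
            out.append(Finding(check, "HIGH", name, f"{field}: true"))

    # CIS 5.1.5 / 5.1.6: the defect is the *absence* of an explicit safe value
    if spec.get("serviceAccountName", "default") == "default":
        out.append(Finding("K8S-011", "MEDIUM", name, "serviceAccountName unset or 'default'"))
    if spec.get("automountServiceAccountToken") is not False:
        out.append(Finding("K8S-012", "MEDIUM", name, "automountServiceAccountToken not false"))

    pod_sc = spec.get("securityContext") or {}
    for c in all_containers(spec):
        sc = c.get("securityContext") or {}
        effective = {**pod_sc, **sc}  # container settings override pod-level ones
        cname = f"{name}:{c.get('name', '?')}"

        # CIS 5.2.2 / 5.2.6: container-only fields
        if sc.get("privileged") is True:
            out.append(Finding("K8S-005", "CRITICAL", cname, "securityContext.privileged: true"))
        if sc.get("allowPrivilegeEscalation") is not False:
            out.append(Finding("K8S-006", "HIGH", cname, "allowPrivilegeEscalation not explicitly false"))

        # CIS 5.2.7: inherited from the pod securityContext when unset on the container
        if effective.get("runAsNonRoot") is not True or effective.get("runAsUser") == 0:
            out.append(Finding("K8S-007", "HIGH", cname, "runAsNonRoot not true / runAsUser is 0"))

        # CIS 5.2.8 / 5.2.9: this example treats any added capability as a finding (assumption)
        caps = sc.get("capabilities") or {}
        if "ALL" not in (caps.get("drop") or []) or caps.get("add"):
            out.append(Finding("K8S-009", "HIGH", cname, "capabilities not dropping ALL / adding caps"))

        # CIS 5.7.2: seccompProfile may be set at pod or container level
        seccomp = (effective.get("seccompProfile") or {}).get("type")
        if seccomp not in ("RuntimeDefault", "Localhost"):
            out.append(Finding("K8S-010", "MEDIUM", cname, "seccompProfile not RuntimeDefault or Localhost"))
    return out


# Constructed sample manifests (not from any real cluster)
HARDENED = {
    "apiVersion": "v1", "kind": "Pod",
    "metadata": {"name": "api", "namespace": "payments"},
    "spec": {
        "serviceAccountName": "api-sa",
        "automountServiceAccountToken": False,
        "securityContext": {"runAsNonRoot": True, "runAsUser": 10001,
                            "seccompProfile": {"type": "RuntimeDefault"}},
        "containers": [{"name": "api", "image": "registry.example/api:1.2.3",
                        "securityContext": {"allowPrivilegeEscalation": False,
                                            "readOnlyRootFilesystem": True,
                                            "capabilities": {"drop": ["ALL"]}}}],
    },
}

OVERPRIVILEGED = {
    "apiVersion": "apps/v1", "kind": "Deployment",
    "metadata": {"name": "agent"},
    "spec": {"template": {"spec": {
        "hostPID": True,
        "containers": [{"name": "agent", "image": "registry.example/agent:latest",
                        "securityContext": {"privileged": True,
                                            "capabilities": {"add": ["NET_ADMIN"]}}}],
    }}},
}


if __name__ == "__main__":
    for m in (HARDENED, OVERPRIVILEGED):
        for f in check_manifest(m):
            print(f"{f.severity:8} {f.check} {f.resource}: {f.detail}")
```

Running the block prints nothing for the hardened Pod and eight findings for the Deployment (K8S-003, -005, -006, -007, -009, -010, -011, -012), which is roughly the shape of output a manifest-only scanner can produce without ever talking to an API server.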
At a glance
- Controls in this standard: 24
- Controls evidenced by at least one check: 24 / 24
- Distinct checks evidencing this standard: 47
- Of those, autofixable with --fix: 13
Severity levels (CRITICAL / HIGH / MEDIUM / LOW / INFO) follow the same scale across every provider and standard. See How to read severity on the standards overview for the definitions.
Coverage by control
Click a control ID to jump to the per-control section with the full check list. The severity mix column shows the spread of evidencing checks by severity (Critical / High / Medium / Low / Info).
| Control | Title | Checks | Severity mix |
|---|---|---|---|
| 5.1.1 | Ensure that the cluster-admin role is only used where required | 2 | 2C |
| 5.1.2 | Minimize access to secrets | 5 | 3C · 2H |
| 5.1.3 | Minimize wildcard use in Roles and ClusterRoles | 3 | 2C · 1H |
| 5.1.4 | Minimize access to create pods | 3 | 2C · 1H |
| 5.1.5 | Ensure that default service accounts are not actively used | 5 | 1C · 1H · 3M |
| 5.1.6 | Ensure that Service Account Tokens are only mounted where necessary | 4 | 4M |
| 5.1.8 | Limit use of the Bind, Impersonate and Escalate permissions in the Kubernetes cluster | 3 | 2C · 1H |
| 5.2.2 | Minimize the admission of privileged containers | 4 | 1C · 3H |
| 5.2.3 | Minimize the admission of containers wishing to share the host process ID namespace | 1 | 1H |
| 5.2.4 | Minimize the admission of containers wishing to share the host IPC namespace | 1 | 1H |
| 5.2.5 | Minimize the admission of containers wishing to share the host network namespace | 3 | 2C · 1H |
| 5.2.6 | Minimize the admission of containers with allowPrivilegeEscalation | 1 | 1H |
| 5.2.7 | Minimize the admission of root containers | 5 | 5H |
| 5.2.8 | Minimize the admission of containers with the NET_RAW capability | 1 | 1H |
| 5.2.9 | Minimize the admission of containers with added capabilities | 1 | 1H |
| 5.2.12 | Minimize the admission of HostPath volumes | 4 | 3C · 1H |
| 5.2.13 | Minimize the admission of containers which use HostPorts | 2 | 2M |
| 5.3.2 | Ensure that all Namespaces have NetworkPolicies defined | 2 | 2M |
| 5.4.1 | Prefer using Secrets as files over Secrets as environment variables | 2 | 2C |
| 5.4.2 | Consider external secret storage | 4 | 3C · 1H |
| 5.7.1 | Create administrative boundaries between resources using namespaces | 8 | 4H · 1M · 3L |
| 5.7.2 | Ensure that the seccomp profile is set to docker/default in your Pod definitions | 1 | 1M |
| 5.7.3 | Apply SecurityContext to your Pods and Containers | 14 | 1C · 9H · 3M · 1L |
| 5.7.4 | The default namespace should not be used | 1 | 1L |
Filter at runtime
Restrict a scan to checks that evidence this standard with --standard cis_kubernetes:

```bash
# All providers, only checks tied to this standard
pipeline_check --standard cis_kubernetes

# Compose with --pipeline to scope by provider
pipeline_check --pipeline github --standard cis_kubernetes

# Compose with another standard to widen the lens
pipeline_check --pipeline aws --standard cis_kubernetes --standard owasp_cicd_top_10
```
Controls in scope
5.1.1: Ensure that the cluster-admin role is only used where required
Evidenced by 2 checks across Kubernetes.
| Check | Title | Severity | Provider | Fix |
|---|---|---|---|---|
| K8S-020 | ClusterRoleBinding grants cluster-admin or system:masters | CRITICAL | Kubernetes | 🔧 fix |
| K8S-042 | RoleBinding grants access to system:anonymous / system:unauthenticated | CRITICAL | Kubernetes | |
5.1.2: Minimize access to secrets
Evidenced by 5 checks across 2 providers (Argo Workflows, Kubernetes).
| Check | Title | Severity | Provider | Fix |
|---|---|---|---|---|
| ARGO-006 | Literal secret value in Argo template env or parameter default | CRITICAL | Argo Workflows | 🔧 fix |
| K8S-018 | Secret stringData/data carries a credential-shaped literal | CRITICAL | Kubernetes | |
| K8S-021 | Role or ClusterRole grants wildcard verbs+resources | HIGH | Kubernetes | |
| K8S-037 | ConfigMap data carries a credential-shaped literal | HIGH | Kubernetes | |
| K8S-042 | RoleBinding grants access to system:anonymous / system:unauthenticated | CRITICAL | Kubernetes | |
5.1.3: Minimize wildcard use in Roles and ClusterRoles
Evidenced by 3 checks across Kubernetes.
| Check | Title | Severity | Provider | Fix |
|---|---|---|---|---|
| K8S-020 | ClusterRoleBinding grants cluster-admin or system:masters | CRITICAL | Kubernetes | 🔧 fix |
| K8S-021 | Role or ClusterRole grants wildcard verbs+resources | HIGH | Kubernetes | |
| K8S-042 | RoleBinding grants access to system:anonymous / system:unauthenticated | CRITICAL | Kubernetes | |
5.1.4: Minimize access to create pods
Evidenced by 3 checks across Kubernetes.
| Check | Title | Severity | Provider | Fix |
|---|---|---|---|---|
| K8S-020 | ClusterRoleBinding grants cluster-admin or system:masters | CRITICAL | Kubernetes | 🔧 fix |
| K8S-021 | Role or ClusterRole grants wildcard verbs+resources | HIGH | Kubernetes | |
| K8S-042 | RoleBinding grants access to system:anonymous / system:unauthenticated | CRITICAL | Kubernetes | |
5.1.5: Ensure that default service accounts are not actively used
Evidenced by 5 checks across 3 providers (Argo Workflows, Kubernetes, Tekton).
| Check | Title | Severity | Provider | Fix |
|---|---|---|---|---|
| ARGO-003 | Argo workflow uses the default ServiceAccount | MEDIUM | Argo Workflows | |
| ARGO-016 | Workflow bound to a cluster-admin / over-privileged ServiceAccount | CRITICAL | Argo Workflows | |
| K8S-011 | Pod serviceAccountName unset or 'default' | MEDIUM | Kubernetes | |
| K8S-029 | RoleBinding grants permissions to the default ServiceAccount | HIGH | Kubernetes | 🔧 fix |
| TKN-007 | Tekton run uses the default ServiceAccount | MEDIUM | Tekton | |
5.1.6: Ensure that Service Account Tokens are only mounted where necessary
Evidenced by 4 checks across 2 providers (Argo Workflows, Kubernetes).
| Check | Title | Severity | Provider | Fix |
|---|---|---|---|---|
| ARGO-013 | Argo workflow does not opt out of SA token automount | MEDIUM | Argo Workflows | |
| K8S-012 | Pod automountServiceAccountToken not false | MEDIUM | Kubernetes | |
| K8S-034 | ServiceAccount automountServiceAccountToken not explicitly false | MEDIUM | Kubernetes | |
| K8S-036 | ServiceAccount imagePullSecrets references missing Secret | MEDIUM | Kubernetes | |
5.1.8: Limit use of the Bind, Impersonate and Escalate permissions in the Kubernetes cluster
Evidenced by 3 checks across Kubernetes.
| Check | Title | Severity | Provider | Fix |
|---|---|---|---|---|
| K8S-020 | ClusterRoleBinding grants cluster-admin or system:masters | CRITICAL | Kubernetes | 🔧 fix |
| K8S-021 | Role or ClusterRole grants wildcard verbs+resources | HIGH | Kubernetes | |
| K8S-042 | RoleBinding grants access to system:anonymous / system:unauthenticated | CRITICAL | Kubernetes | |
5.2.2: Minimize the admission of privileged containers
Evidenced by 4 checks across 3 providers (Argo Workflows, Kubernetes, Tekton).
| Check | Title | Severity | Provider | Fix |
|---|---|---|---|---|
| ARGO-002 | Argo template container runs privileged or as root | HIGH | Argo Workflows | |
| K8S-005 | Container securityContext.privileged: true | CRITICAL | Kubernetes | 🔧 fix |
| TKN-002 | Tekton step runs privileged or as root | HIGH | Tekton | |
| TKN-013 | Tekton sidecar runs privileged or as root | HIGH | Tekton | |
5.2.3: Minimize the admission of containers wishing to share the host process ID namespace
Evidenced by 1 check across Kubernetes.
| Check | Title | Severity | Provider | Fix |
|---|---|---|---|---|
| K8S-003 | Pod hostPID: true | HIGH | Kubernetes | 🔧 fix |
5.2.4: Minimize the admission of containers wishing to share the host IPC namespace
Evidenced by 1 check across Kubernetes.
| Check | Title | Severity | Provider | Fix |
|---|---|---|---|---|
| K8S-004 | Pod hostIPC: true | HIGH | Kubernetes | 🔧 fix |
5.2.5: Minimize the admission of containers wishing to share the host network namespace
Evidenced by 3 checks across 3 providers (Argo Workflows, Kubernetes, Tekton).
| Check | Title | Severity | Provider | Fix |
|---|---|---|---|---|
| ARGO-004 | Argo workflow mounts hostPath or shares host namespaces | CRITICAL | Argo Workflows | |
| K8S-002 | Pod hostNetwork: true | HIGH | Kubernetes | 🔧 fix |
| TKN-004 | Tekton Task mounts hostPath or shares host namespaces | CRITICAL | Tekton | |
5.2.6: Minimize the admission of containers with allowPrivilegeEscalation
Evidenced by 1 check across Kubernetes.
| Check | Title | Severity | Provider | Fix |
|---|---|---|---|---|
| K8S-006 | Container allowPrivilegeEscalation not explicitly false | HIGH | Kubernetes | 🔧 fix |
5.2.7: Minimize the admission of root containers
Evidenced by 5 checks across 3 providers (Argo Workflows, Kubernetes, Tekton).
| Check | Title | Severity | Provider | Fix |
|---|---|---|---|---|
| ARGO-002 | Argo template container runs privileged or as root | HIGH | Argo Workflows | |
| K8S-007 | Container runAsNonRoot not true / runAsUser is 0 | HIGH | Kubernetes | 🔧 fix |
| K8S-035 | Container securityContext.runAsUser is 0 | HIGH | Kubernetes | |
| TKN-002 | Tekton step runs privileged or as root | HIGH | Tekton | |
| TKN-013 | Tekton sidecar runs privileged or as root | HIGH | Tekton | |
5.2.8: Minimize the admission of containers with the NET_RAW capability
Evidenced by 1 check across Kubernetes.
| Check | Title | Severity | Provider | Fix |
|---|---|---|---|---|
| K8S-009 | Container capabilities not dropping ALL / adding dangerous caps | HIGH | Kubernetes | |
5.2.9: Minimize the admission of containers with added capabilities
Evidenced by 1 check across Kubernetes.
| Check | Title | Severity | Provider | Fix |
|---|---|---|---|---|
| K8S-009 | Container capabilities not dropping ALL / adding dangerous caps | HIGH | Kubernetes | |
5.2.12: Minimize the admission of HostPath volumes
Evidenced by 4 checks across 3 providers (Argo Workflows, Kubernetes, Tekton).
| Check | Title | Severity | Provider | Fix |
|---|---|---|---|---|
| ARGO-004 | Argo workflow mounts hostPath or shares host namespaces | CRITICAL | Argo Workflows | |
| K8S-013 | Pod uses a hostPath volume | HIGH | Kubernetes | 🔧 fix |
| K8S-014 | Pod hostPath references a sensitive host directory | CRITICAL | Kubernetes | |
| TKN-004 | Tekton Task mounts hostPath or shares host namespaces | CRITICAL | Tekton | |
5.2.13: Minimize the admission of containers which use HostPorts
Evidenced by 2 checks across Kubernetes.
| Check | Title | Severity | Provider | Fix |
|---|---|---|---|---|
| K8S-022 | Service exposes SSH (port 22) | MEDIUM | Kubernetes | |
| K8S-028 | Container declares hostPort | MEDIUM | Kubernetes | 🔧 fix |
5.3.2: Ensure that all Namespaces have NetworkPolicies defined
Evidenced by 2 checks across Kubernetes.
| Check | Title | Severity | Provider | Fix |
|---|---|---|---|---|
| K8S-032 | Namespace lacks default-deny NetworkPolicy | MEDIUM | Kubernetes | |
| K8S-038 | NetworkPolicy ingress / egress allows all sources or destinations | MEDIUM | Kubernetes | |
5.4.1: Prefer using Secrets as files over Secrets as environment variables
Evidenced by 2 checks across 2 providers (Argo Workflows, Kubernetes).
| Check | Title | Severity | Provider | Fix |
|---|---|---|---|---|
| ARGO-006 | Literal secret value in Argo template env or parameter default | CRITICAL | Argo Workflows | 🔧 fix |
| K8S-017 | Container env value carries a credential-shaped literal | CRITICAL | Kubernetes | |
5.4.2: Consider external secret storage
Evidenced by 4 checks across 2 providers (Argo Workflows, Kubernetes).
| Check | Title | Severity | Provider | Fix |
|---|---|---|---|---|
| ARGO-006 | Literal secret value in Argo template env or parameter default | CRITICAL | Argo Workflows | 🔧 fix |
| K8S-017 | Container env value carries a credential-shaped literal | CRITICAL | Kubernetes | |
| K8S-018 | Secret stringData/data carries a credential-shaped literal | CRITICAL | Kubernetes | |
| K8S-037 | ConfigMap data carries a credential-shaped literal | HIGH | Kubernetes | |
5.7.1: Create administrative boundaries between resources using namespaces
Evidenced by 8 checks across 2 providers (Helm, Kubernetes).
| Check | Title | Severity | Provider | Fix |
|---|---|---|---|---|
| HELM-006 | Chart.yaml does not declare a kubeVersion compatibility range | LOW | Helm | |
| K8S-019 | Workload deployed in the 'default' namespace | LOW | Kubernetes | |
| K8S-023 | Namespace missing Pod Security Admission enforcement label | HIGH | Kubernetes | |
| K8S-025 | System priority class used outside kube-system | HIGH | Kubernetes | |
| K8S-030 | Workload schedules onto a control-plane node | HIGH | Kubernetes | 🔧 fix |
| K8S-031 | Namespace missing PSA warn label | LOW | Kubernetes | |
| K8S-033 | Namespace lacks ResourceQuota or LimitRange | MEDIUM | Kubernetes | |
| K8S-044 | Admission webhook fails open or mutates cluster-wide unscoped | HIGH | Kubernetes | |
5.7.2: Ensure that the seccomp profile is set to docker/default in your Pod definitions
Evidenced by 1 check across Kubernetes.
| Check | Title | Severity | Provider | Fix |
|---|---|---|---|---|
| K8S-010 | Container seccompProfile not RuntimeDefault or Localhost | MEDIUM | Kubernetes | |
5.7.3: Apply SecurityContext to your Pods and Containers
Evidenced by 14 checks across 3 providers (Argo Workflows, Kubernetes, Tekton).
| Check | Title | Severity | Provider | Fix |
|---|---|---|---|---|
| ARGO-002 | Argo template container runs privileged or as root | HIGH | Argo Workflows | |
| K8S-005 | Container securityContext.privileged: true | CRITICAL | Kubernetes | 🔧 fix |
| K8S-006 | Container allowPrivilegeEscalation not explicitly false | HIGH | Kubernetes | 🔧 fix |
| K8S-007 | Container runAsNonRoot not true / runAsUser is 0 | HIGH | Kubernetes | 🔧 fix |
| K8S-008 | Container readOnlyRootFilesystem not true | MEDIUM | Kubernetes | 🔧 fix |
| K8S-009 | Container capabilities not dropping ALL / adding dangerous caps | HIGH | Kubernetes | |
| K8S-010 | Container seccompProfile not RuntimeDefault or Localhost | MEDIUM | Kubernetes | |
| K8S-023 | Namespace missing Pod Security Admission enforcement label | HIGH | Kubernetes | |
| K8S-031 | Namespace missing PSA warn label | LOW | Kubernetes | |
| K8S-035 | Container securityContext.runAsUser is 0 | HIGH | Kubernetes | |
| K8S-039 | Pod uses shareProcessNamespace: true | MEDIUM | Kubernetes | |
| K8S-040 | Container securityContext.procMount: Unmasked | HIGH | Kubernetes | |
| K8S-044 | Admission webhook fails open or mutates cluster-wide unscoped | HIGH | Kubernetes | |
| TKN-002 | Tekton step runs privileged or as root | HIGH | Tekton | |
5.7.4: The default namespace should not be used
Evidenced by 1 check across Kubernetes.
| Check | Title | Severity | Provider | Fix |
|---|---|---|---|---|
| K8S-019 | Workload deployed in the 'default' namespace | LOW | Kubernetes | |
This page is generated. Edit pipeline_check/core/standards/data/cis_kubernetes.py (mappings) or scripts/gen_standards_docs.py (intro / per-control prose) and run python scripts/gen_standards_docs.py cis_kubernetes.