mirror of
https://github.com/Ed1s0nZ/CyberStrikeAI.git
synced 2026-03-31 00:09:29 +02:00
59 lines
1.5 KiB
YAML
59 lines
1.5 KiB
YAML
name: "kube-bench"
|
||
command: "kube-bench"
|
||
enabled: true
|
||
short_description: "CIS Kubernetes基准检查工具"
|
||
description: |
|
||
Kube-bench是一个CIS Kubernetes基准检查工具,用于检查Kubernetes集群是否符合CIS基准。
|
||
|
||
**主要功能:**
|
||
- CIS基准检查
|
||
- 多种目标支持(master, node, etcd, policies)
|
||
- 详细报告
|
||
- 配置验证
|
||
|
||
**使用场景:**
|
||
- Kubernetes合规性检查
|
||
- 安全配置审计
|
||
- CIS基准验证
|
||
- 安全评估
|
||
parameters:
|
||
- name: "targets"
|
||
type: "string"
|
||
description: "要检查的目标(master, node, etcd, policies)"
|
||
required: false
|
||
flag: "--targets"
|
||
format: "flag"
|
||
- name: "version"
|
||
type: "string"
|
||
description: "Kubernetes版本"
|
||
required: false
|
||
flag: "--version"
|
||
format: "flag"
|
||
- name: "config_dir"
|
||
type: "string"
|
||
description: "配置目录"
|
||
required: false
|
||
flag: "--config-dir"
|
||
format: "flag"
|
||
- name: "output_format"
|
||
type: "string"
|
||
description: "输出格式(json, yaml)"
|
||
required: false
|
||
flag: "--output"
|
||
format: "flag"
|
||
default: "json"
|
||
- name: "additional_args"
|
||
type: "string"
|
||
description: |
|
||
额外的kube-bench参数。用于传递未在参数列表中定义的kube-bench选项。
|
||
|
||
**示例值:**
|
||
- 根据工具特性添加常用参数示例
|
||
|
||
**注意事项:**
|
||
- 多个参数用空格分隔
|
||
- 确保参数格式正确,避免命令注入
|
||
- 此参数会直接追加到命令末尾
|
||
required: false
|
||
format: "positional"
|