EKS Managed Node Group security Check

[tppalani]

Hi All,

I'm running EKS version 1.24 with managed Node Groups. I used jobs-eks.yaml file and also i have below successful report, but report contains only worker node security check, But I'm not able to see any other report like RBAC, images...etc.

https://github.com/aquasecurity/kube-bench/blob/main/job-eks.yaml

$ kubectl logs -f kube-bench-d-bdpp2
[INFO] 3 Worker Node Security Configuration
[INFO] 3.1 Worker Node Configuration Files
[PASS] 3.1.1 Ensure that the kubeconfig file permissions are set to 644 or more restrictive (Manual)
[PASS] 3.1.2 Ensure that the kubelet kubeconfig file ownership is set to root:root (Manual)
[PASS] 3.1.3 Ensure that the kubelet configuration file has permissions set to 644 or more restrictive (Manual)
[PASS] 3.1.4 Ensure that the kubelet configuration file ownership is set to root:root (Manual)
[INFO] 3.2 Kubelet
[PASS] 3.2.1 Ensure that the Anonymous Auth is Not Enabled (Automated)
[PASS] 3.2.2 Ensure that the --authorization-mode argument is not set to AlwaysAllow (Automated)
[PASS] 3.2.3 Ensure that a Client CA File is Configured (Manual)
[PASS] 3.2.4 Ensure that the --read-only-port is disabled (Manual)
[PASS] 3.2.5 Ensure that the --streaming-connection-idle-timeout argument is not set to 0 (Automated)
[PASS] 3.2.6 Ensure that the --protect-kernel-defaults argument is set to true (Automated)
[PASS] 3.2.7 Ensure that the --make-iptables-util-chains argument is set to true (Automated)
[PASS] 3.2.8 Ensure that the --hostname-override argument is not set (Manual)
[PASS] 3.2.9 Ensure that the --eventRecordQPS argument is set to 0 or a level which ensures appropriate event capture (Automated)
[PASS] 3.2.10 Ensure that the --rotate-certificates argument is not present or is set to true (Manual)
[PASS] 3.2.11 Ensure that the RotateKubeletServerCertificate argument is set to true (Manual)
[INFO] 3.3 Container Optimized OS
[WARN] 3.3.1 Prefer using a container-optimized OS when possible (Manual)

== Remediations node ==
3.3.1 audit test did not run: No tests defined

== Summary node ==
15 checks PASS
0 checks FAIL
1 checks WARN
0 checks INFO

== Summary total ==
15 checks PASS
0 checks FAIL
1 checks WARN
0 checks INFO