Ensure auditing is configured for Docker files and directories – /etc/containerd/config.toml (Automated)
Audit /etc/containerd/config.toml if applicable.
Blog
Ensure syslog messages are not suppressed (Automated)
In more modern Syslog implementations, repeated message suppression can be configured (for example, $RepeatedMsgReduction in rsyslog).
Ensure ‘debug_print_plan’ is disabled (Automated)
Enabling any of the DEBUG printing variables may cause the logging of sensitive information that would otherwise be omitted based...
OpenSearch (Elasticsearch) domain has less than three data nodes
Amazon OpenSearch Service (Amazon Elasticsearch Service successor) is a managed service that simplifies the deployment, operation, and scaling of OpenSearch...
Elasticsearch without at least three dedicated master nodes
Amazon OpenSearch Service (Amazon Elasticsearch Service successor) is a managed service that simplifies the deployment, operation, and scaling of OpenSearch...
Ensure the default seccomp profile is not Disabled (Automated)
Seccomp filtering provides a means for a process to specify a filter for incoming system calls. The default Docker seccomp...
Ensure that the Containerd socket file ownership is set to root:root (Automated)
You should verify that the Containerd socket file is owned by root and group owned by root.
Ensure auditing is configured for Docker files and directories – /usr/bin/containerd-shim-runc-v2 (Automated)
Audit /usr/bin/containerd-shim-runc-v2 if applicable.
Ensure that, if applicable, SELinux security options are set (Automated)
SELinux is an effective and easy-to-use Linux application security system. It is available by default on some distributions such as...