Security
This section describes the methodology and means of securing a K3s cluster. It’s broken into 2 sections. These guides assume k3s is running with embedded etcd.
First the hardening guide provides a list of security best practices to secure a K3s cluster.
Second, is the self assessment to validate a hardened cluster. We currently have two different assessments available:
-
CIS 1.24 Benchmark Self-Assessment Guide, for K3s version v1.24
-
CIS 1.7 Benchmark Self-Assessment Guide, for K3s version v1.25
-
CIS 1.8 Benchmark Self-Assessment Guide, for K3s version v1.26-v1.29