Security
This section describes the methodology and means of securing a K3s cluster. It's broken into 2 sections. These guides assume k3s is running with embedded etcd.
First the hardening guide provides a list of security best practices to secure a K3s cluster.
Second, is the self assessment to validate a hardened cluster. We currently have two different assessments available:
-
CIS 1.23 Benchmark Self-Assessment Guide, older version of the CIS benchmark
-
CIS 1.8 Benchmark Self-Assessment Guide, newer version of the CIS benchmark