Checklist Summary:

This document provides prescriptive guidance for running Alibaba Cloud Container Service for Kubernetes (ACK) following recommended security controls. This benchmark only includes controls which can be modified by an end user of ACK. To obtain the latest version of this guide, please visit www.cisecurity.org . If you have questions, comments, or have identified ways to improve this guide, please write us at support@cisecurity.org.

Checklist Role:

• Virtualization Server

Known Issues:

Not provided.

Target Audience:

This document is intended for cluster administrators, security specialists, auditors, and any personnel who plan to develop, deploy, assess, or secure solutions that incorporate ACK using managed and self-managed nodes. Customers using Alibaba Cloud Serverless Kubernetes (ASK) are not responsible for node management. Hence, this document is not scoped for ASK customers.

Target Operational Environment:

• Managed
• Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not provided.

Regulatory Compliance:

Not provided.

Comments/Warnings/Miscellaneous:

Not provided.

Disclaimer:

This benchmark exemplifies the great things a community of users, vendors, and subject matter experts can accomplish through consensus collaboration. The CIS community thanks the entire consensus team. Special thanks to the Alibaba team for their significant contribution.

Product Support:

support@cisecurity.org

Point of Contact:

support@cisecurity.org

Sponsor:

Not provided.

Licensing:

Not provided.

Change History:

new checklist - 2/21/24
updated status to FINAL - 3/22/24

Dependency/Requirements:

URL	Description

References:

Reference URL	Description

NIST checklist record last modified on 03/22/2024