feat: make kubernetes owner parametrized (#8952)

* feat: make kubernetes owner parametrized * docs: update hardening guide with configuration for CIS 1.1.19 * fix: set etcd data directory permissions to be compliant to CIS 1.1.12
2026-02-01 09:38:12 -03:30 · 2022-06-17 10:34:32 +02:00
parent 890fad389d
commit 97b4d79ed5
17 changed files with 40 additions and 14 deletions
--- a/docs/hardening.md
+++ b/docs/hardening.md
@@ -84,6 +84,10 @@ kubelet_rotate_certificates: true
 kubelet_streaming_connection_idle_timeout: "5m"
 kubelet_make_iptables_util_chains: true
 kubelet_feature_gates: ["RotateKubeletServerCertificate=true"]
+
+# additional configurations
+kube_owner: root
+kube_cert_group: root
 ```

 Let's take a deep look to the resultant **kubernetes** configuration: