Evaluates whether each Container Service for Kubernetes (ACK) cluster has a managed node pool enabled to automate node O&M tasks. ACK clusters with no node pool configured are marked as not applicable.
Scenario
Managed node pools in ACK automate node O&M tasks such as patching high-risk Common Vulnerabilities and Exposures (CVE) vulnerabilities and fixing specific anomalies, reducing your operational overhead.
Risk level
Default risk level: low.
You can change the risk level based on your business requirements when you apply this rule.
Compliance evaluation logic
An ACK cluster is compliant if it has a managed node pool enabled to automate node O&M tasks. Clusters with no node pool configured are not applicable.
Rule details
|
Item |
Description |
|
Rule name |
ack-cluster-node-pools-management-enabled |
|
Rule ID |
|
|
Tag |
ACK and Cluster |
|
Automatic remediation |
Not supported |
|
Trigger type |
Periodic execution |
|
Evaluation frequency |
Every 24 hours |
|
Supported resource type |
ACS::ACK::Cluster |
|
Input parameter |
None |
Non-compliance remediation
Configure managed node pools for all ACK clusters. For more information, see Overview of managed node pools.