[OSDOCS#18986] CQA pre-migration for Security and compliance index assembly#115741
[OSDOCS#18986] CQA pre-migration for Security and compliance index assembly#115741maxwelldb wants to merge 2 commits into
Conversation
|
Skipping CI for Draft Pull Request. |
3fb4392 to
c19c80d
Compare
|
/test all |
|
🤖 Fri Jul 17 22:18:23 - Prow CI generated the docs preview: https://115741--ocpdocs-pr.netlify.app/openshift-enterprise/latest/security/index.html |
| // This file is a navigation file - xrefs are allowed in this type of module, but it must only ever be included from one location | ||
|
|
||
| :_mod-docs-content-type: REFERENCE | ||
| [id="compliance-overview"] |
There was a problem hiding this comment.
🤖 [error] OpenShiftAsciiDoc.IdHasContextVariable: ID is missing the '_{context}' variable at the end of the ID.
| [role="_abstract"] | ||
| For many {product-title} customers, regulatory readiness, or compliance, on some level is required before any systems can be put into production. That regulatory readiness can be imposed by national standards, industry standards, or the organization's corporate governance framework. | ||
|
|
||
| [id="compliance-checking"] |
There was a problem hiding this comment.
🤖 [error] OpenShiftAsciiDoc.IdHasContextVariable: ID is missing the '_{context}' variable at the end of the ID.
| [id="compliance-checking"] | ||
| == Compliance checking | ||
|
|
||
| Administrators can use the xref:../security/compliance_operator/co-concepts/compliance-operator-understanding.adoc#understanding-compliance-operator[Compliance Operator] to run compliance scans and recommend remediations for any issues found. The xref:../security/compliance_operator/co-scans/oc-compliance-plug-in-using.adoc#using-oc-compliance-plug-in[`oc-compliance` plugin] is an OpenShift CLI (`oc`) plugin that provides a set of utilities to easily interact with the Compliance Operator. |
There was a problem hiding this comment.
🤖 [error] OpenShiftAsciiDoc.NoXrefInModules: Do not include xrefs in modules, only assemblies (exception: release notes modules).
|
|
||
| Administrators can use the xref:../security/compliance_operator/co-concepts/compliance-operator-understanding.adoc#understanding-compliance-operator[Compliance Operator] to run compliance scans and recommend remediations for any issues found. The xref:../security/compliance_operator/co-scans/oc-compliance-plug-in-using.adoc#using-oc-compliance-plug-in[`oc-compliance` plugin] is an OpenShift CLI (`oc`) plugin that provides a set of utilities to easily interact with the Compliance Operator. | ||
|
|
||
| [id="file-integrity-checking"] |
There was a problem hiding this comment.
🤖 [error] OpenShiftAsciiDoc.IdHasContextVariable: ID is missing the '_{context}' variable at the end of the ID.
| [id="file-integrity-checking"] | ||
| == File integrity checking | ||
|
|
||
| Administrators can use the xref:../security/file_integrity_operator/file-integrity-operator-understanding.adoc#understanding-file-integrity-operator[File Integrity Operator] to continually run file integrity checks on cluster nodes and provide a log of files that have been modified. |
There was a problem hiding this comment.
🤖 [error] OpenShiftAsciiDoc.NoXrefInModules: Do not include xrefs in modules, only assemblies (exception: release notes modules).
| // This file is a navigation file - xrefs are allowed in this type of module, but it must only ever be included from one location | ||
|
|
||
| :_mod-docs-content-type: REFERENCE | ||
| [id="security-overview"] |
There was a problem hiding this comment.
🤖 [error] OpenShiftAsciiDoc.IdHasContextVariable: ID is missing the '_{context}' variable at the end of the ID.
| [role="_abstract"] | ||
| It is important to understand how to properly secure various aspects of your {product-title} cluster. | ||
|
|
||
| [id="container-security"] |
There was a problem hiding this comment.
🤖 [error] OpenShiftAsciiDoc.IdHasContextVariable: ID is missing the '_{context}' variable at the end of the ID.
| [id="container-security"] | ||
| == Container security | ||
|
|
||
| A good starting point to understanding {product-title} security is to review the concepts in xref:../security/container_security/security-understanding.adoc#security-understanding[Understanding container security]. This and subsequent sections provide a high-level walkthrough of the container security measures available in {product-title}, including solutions for the host layer, the container and orchestration layer, and the build and application layer. These sections also include information on the following topics: |
There was a problem hiding this comment.
🤖 [error] OpenShiftAsciiDoc.NoXrefInModules: Do not include xrefs in modules, only assemblies (exception: release notes modules).
| * How networking and attached storage are secured in {product-title}. | ||
| * Containerized solutions for API management and SSO. | ||
|
|
||
| [id="auditing"] |
There was a problem hiding this comment.
🤖 [error] OpenShiftAsciiDoc.IdHasContextVariable: ID is missing the '_{context}' variable at the end of the ID.
| [id="auditing"] | ||
| == Auditing | ||
|
|
||
| {product-title} auditing provides a security-relevant chronological set of records documenting the sequence of activities that have affected the system by individual users, administrators, or other components of the system. Administrators can xref:../security/audit-log-policy-config.adoc#audit-log-policy-config[configure the audit log policy] and xref:../security/audit-log-view.adoc#audit-log-view[view audit logs]. |
There was a problem hiding this comment.
🤖 [error] OpenShiftAsciiDoc.NoXrefInModules: Do not include xrefs in modules, only assemblies (exception: release notes modules).
|
|
||
| {product-title} auditing provides a security-relevant chronological set of records documenting the sequence of activities that have affected the system by individual users, administrators, or other components of the system. Administrators can xref:../security/audit-log-policy-config.adoc#audit-log-policy-config[configure the audit log policy] and xref:../security/audit-log-view.adoc#audit-log-view[view audit logs]. | ||
|
|
||
| [id="certificates"] |
There was a problem hiding this comment.
🤖 [error] OpenShiftAsciiDoc.IdHasContextVariable: ID is missing the '_{context}' variable at the end of the ID.
| [id="certificates"] | ||
| == Certificates | ||
|
|
||
| Certificates are used by various components to validate access to the cluster. Administrators can xref:../security/certificates/replacing-default-ingress-certificate.adoc#replacing-default-ingress[replace the default ingress certificate], xref:../security/certificates/api-server.adoc#api-server-certificates[add API server certificates], or xref:../security/certificates/service-serving-certificate.adoc#add-service-serving[add a service certificate]. |
There was a problem hiding this comment.
🤖 [error] OpenShiftAsciiDoc.NoXrefInModules: Do not include xrefs in modules, only assemblies (exception: release notes modules).
|
|
||
| You can also review more details about the types of certificates used by the cluster: | ||
|
|
||
| * xref:../security/certificate_types_descriptions/user-provided-certificates-for-api-server.adoc#cert-types-user-provided-certificates-for-the-api-server[User-provided certificates for the API server] |
There was a problem hiding this comment.
🤖 [error] OpenShiftAsciiDoc.NoXrefInModules: Do not include xrefs in modules, only assemblies (exception: release notes modules).
|
@maxwelldb: all tests passed! Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
Version(s): 4.20+
Issue: OSDOCS-18986
Link to docs preview: 4.20+
QE review:
Additional information: This is 1 of 4 PRs splitting OSDOCS-18986 by assembly. Since this is resolving an index.adoc navigation file, xrefs are allowed in the resulting reference modules. These reference modules must only ever be included in one location.