Create a ScanSettingBinding
object in the openshift-compliance
namespace to scan the cluster using the cis
and cis-node
profiles.
|
This example uses cis and cis-node profiles, but OpenShift Container Platform provides additional profiles. See "Understanding the Compliance Operator" in the "Additional resources" section for more information.
|
Procedure
Select one of the following options:
Optional: If you installed the Compliance Operator after installing RHACS, restart Sensor in the secured cluster by performing one of the following options:
-
Run the following command:
$ oc -n stackrox delete pod -lapp=sensor
-
In the OpenShift Container Platform web console, perform the following steps:
-
Change the active project to stackrox
.
-
Navigate to Workloads → Pods.
-
Locate the pod with the name starting with sensor-
, and then click Actions → Delete Pod.
Verification
After performing these steps, run a compliance scan in RHACS and ensure that ocp4-cis
and ocp4-cis-node
results are displayed. See "Running a compliance scan" in the "Additional resources" section for more information.