diff --git a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer/001_kube_enforcer_config.yaml b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer/001_kube_enforcer_config.yaml index d58133839..fac67c4cc 100644 --- a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer/001_kube_enforcer_config.yaml +++ b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer/001_kube_enforcer_config.yaml @@ -23,7 +23,7 @@ data: # Enable KA policy scanning via Trivy-Operator AQUA_KAP_ADD_ALL_CONTROL: "true" AQUA_WATCH_CONFIG_AUDIT_REPORT: "true" - AQUA_KB_IMAGE_NAME: "registry.aquasec.com/kube-bench:v0.11.2" + AQUA_KB_IMAGE_NAME: "registry.aquasec.com/kube-bench:v0.14.1" AQUA_ME_IMAGE_NAME: "registry.aquasec.com/microenforcer:2022.4" AQUA_KB_ME_REGISTRY_NAME: "aqua-registry" AQUA_ENFORCER_DS_NAME: "aqua-agent" #Sets Daemonset name diff --git a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_advanced/003_kube_enforcer_deploy.yaml b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_advanced/003_kube_enforcer_deploy.yaml index 3ecaa3991..3a9278e61 100644 --- a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_advanced/003_kube_enforcer_deploy.yaml +++ b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_advanced/003_kube_enforcer_deploy.yaml @@ -78,7 +78,7 @@ spec: - name: CLUSTER_NAME value: "Default-cluster-name" # Cluster display name in aqua enterprise. - name: AQUA_KB_IMAGE_NAME - value: "registry.aquasec.com/kube-bench:v0.11.2" + value: "registry.aquasec.com/kube-bench:v0.14.1" - name: AQUA_ME_IMAGE_NAME value: "registry.aquasec.com/microenforcer:2022.4" - name: AQUA_KB_ME_REGISTRY_NAME diff --git a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_advanced_trivy/003_kube_enforcer_deploy.yaml b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_advanced_trivy/003_kube_enforcer_deploy.yaml index d687e852c..0f132c2d3 100644 --- a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_advanced_trivy/003_kube_enforcer_deploy.yaml +++ b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_advanced_trivy/003_kube_enforcer_deploy.yaml @@ -78,7 +78,7 @@ spec: - name: CLUSTER_NAME value: "Default-cluster-name" # Cluster display name in aqua enterprise. - name: AQUA_KB_IMAGE_NAME - value: "registry.aquasec.com/kube-bench:v0.11.2" + value: "registry.aquasec.com/kube-bench:v0.14.1" - name: AQUA_ME_IMAGE_NAME value: "registry.aquasec.com/microenforcer:2022.4" - name: AQUA_KB_ME_REGISTRY_NAME diff --git a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_ocp3x/001_kube_enforcer_config.yaml b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_ocp3x/001_kube_enforcer_config.yaml index 1141edb29..c7d63cb83 100644 --- a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_ocp3x/001_kube_enforcer_config.yaml +++ b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_ocp3x/001_kube_enforcer_config.yaml @@ -23,7 +23,7 @@ data: # Enable KA policy scanning via starboard AQUA_KAP_ADD_ALL_CONTROL: "true" AQUA_WATCH_CONFIG_AUDIT_REPORT: "true" - AQUA_KB_IMAGE_NAME: "registry.aquasec.com/kube-bench:v0.11.2" + AQUA_KB_IMAGE_NAME: "registry.aquasec.com/kube-bench:v0.14.1" AQUA_ME_IMAGE_NAME: "registry.aquasec.com/microenforcer:2022.4" AQUA_KB_ME_REGISTRY_NAME: "aqua-registry" AQUA_ENFORCER_DS_NAME: "aqua-agent" #Sets Daemonset name @@ -231,7 +231,7 @@ metadata: name: configauditreports.aquasecurity.github.io labels: app.kubernetes.io/managed-by: starboard - app.kubernetes.io/version: "0.15.27" + app.kubernetes.io/version: "0.15.29" spec: group: aquasecurity.github.io versions: @@ -362,7 +362,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.27" + app.kubernetes.io/version: "0.15.29" --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole diff --git a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_ocp3x/003_kube_enforcer_deploy.yaml b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_ocp3x/003_kube_enforcer_deploy.yaml index ceaf7e188..09f12e349 100644 --- a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_ocp3x/003_kube_enforcer_deploy.yaml +++ b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_ocp3x/003_kube_enforcer_deploy.yaml @@ -114,7 +114,7 @@ spec: securityContext: {} containers: - name: operator - image: docker.io/aquasec/starboard-operator:0.15.27 + image: docker.io/aquasec/starboard-operator:0.15.29 imagePullPolicy: IfNotPresent securityContext: privileged: false diff --git a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_trivy/001_kube_enforcer_config.yaml b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_trivy/001_kube_enforcer_config.yaml index 984566f03..62da96fe8 100644 --- a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_trivy/001_kube_enforcer_config.yaml +++ b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_trivy/001_kube_enforcer_config.yaml @@ -24,7 +24,7 @@ data: AQUA_KAP_ADD_ALL_CONTROL: "true" AQUA_ME_GW_CERT_SECRET_NAME: "" AQUA_WATCH_CONFIG_AUDIT_REPORT: "true" - AQUA_KB_IMAGE_NAME: "registry.aquasec.com/kube-bench:v0.11.2" + AQUA_KB_IMAGE_NAME: "registry.aquasec.com/kube-bench:v0.14.1" AQUA_ME_IMAGE_NAME: "registry.aquasec.com/microenforcer:2022.4" AQUA_KB_ME_REGISTRY_NAME: "aqua-registry" AQUA_ENFORCER_DS_NAME: "aqua-agent" #Sets Daemonset name diff --git a/quick_start/kubernetes_and_openshift/manifests/aqua-csp-quick-default-storage.yaml b/quick_start/kubernetes_and_openshift/manifests/aqua-csp-quick-default-storage.yaml index 5280d32fb..98491c0f1 100644 --- a/quick_start/kubernetes_and_openshift/manifests/aqua-csp-quick-default-storage.yaml +++ b/quick_start/kubernetes_and_openshift/manifests/aqua-csp-quick-default-storage.yaml @@ -799,7 +799,7 @@ data: # Enable KA policy scanning via Trivy-Operator AQUA_KAP_ADD_ALL_CONTROL: "true" AQUA_WATCH_CONFIG_AUDIT_REPORT: "true" - AQUA_KB_IMAGE_NAME: "registry.aquasec.com/kube-bench:v0.11.2" + AQUA_KB_IMAGE_NAME: "registry.aquasec.com/kube-bench:v0.14.1" AQUA_ME_IMAGE_NAME: "registry.aquasec.com/microenforcer:2022.4" AQUA_KB_ME_REGISTRY_NAME: "aqua-registry" AQUA_ENFORCER_DS_NAME: "aqua-agent" #Sets Daemonset name diff --git a/quick_start/kubernetes_and_openshift/manifests/aqua-csp-quick-hostpath.yaml b/quick_start/kubernetes_and_openshift/manifests/aqua-csp-quick-hostpath.yaml index 0fe0f943b..ae22021ae 100644 --- a/quick_start/kubernetes_and_openshift/manifests/aqua-csp-quick-hostpath.yaml +++ b/quick_start/kubernetes_and_openshift/manifests/aqua-csp-quick-hostpath.yaml @@ -816,7 +816,7 @@ data: # Enable KA policy scanning via Trivy-Operator AQUA_KAP_ADD_ALL_CONTROL: "true" AQUA_WATCH_CONFIG_AUDIT_REPORT: "true" - AQUA_KB_IMAGE_NAME: "registry.aquasec.com/kube-bench:v0.10.4" + AQUA_KB_IMAGE_NAME: "registry.aquasec.com/kube-bench:v0.14.1" AQUA_ME_IMAGE_NAME: "registry.aquasec.com/microenforcer:2022.4" AQUA_KB_ME_REGISTRY_NAME: "aqua-registry" AQUA_ENFORCER_DS_NAME: "aqua-agent" #Sets Daemonset name