Merge pull request #548 from Azure/erjosito-patch-1

Minor fixes
Azure · Nov 15, 2023 · 681d288 · 681d288
2 parents ed61835 + a4b6a95
commit 681d288
Showing 1 changed file with 14 additions and 5 deletions.
diff --git a/checklists/aro_checklist.en.json b/checklists/aro_checklist.en.json
@@ -20,13 +20,22 @@
             "severity": "High",
             "link": "https://learn.microsoft.com/azure/openshift/configure-azure-ad-ui"
         },
+        {
+            "category": "Identity and Access Management",
+            "subcategory": "Identity",
+            "text": "When using AAD authentication, remove kubeadmin user from the cluster.",
+            "waf": "Security",
+            "guid": "adfec5f9-a82d-46e9-a8d1-5a0c7fed5d15",
+            "id": "A01.03",
+            "link": "https://docs.openshift.com/container-platform/4.14/authentication/remove-kubeadmin.html"
+        },
         {
             "category": "Identity and Access Management",
             "subcategory": "Identity",
             "text": "Define OpenShift projects to restrict RBAC privilege and isolate workloads in your cluster.",
             "waf": "Security",
             "guid": "483835c9-86bb-4291-8155-a11475e39f54",
-            "id": "A01.03",
+            "id": "A01.04",
             "severity": "High",
             "link": "https://docs.openshift.com/container-platform/4.13/applications/projects/working-with-projects.html"
         },
@@ -36,7 +45,7 @@
             "text": "Define the required RBAC roles in OpenShift are scoped to either a project or a cluster.",
             "waf": "Security",
             "guid": "0acccd97-9376-4bcd-a375-0ab2ab039da6",
-            "id": "A01.04",
+            "id": "A01.05",
             "severity": "Medium",
             "link": "https://docs.openshift.com/container-platform/4.13/authentication/using-rbac.html"
         },
@@ -46,7 +55,7 @@
             "text": "Minimize the number of users who have administrator rights and secrets access.",
             "waf": "Security",
             "guid": "d54d7c89-29db-4107-b532-5ae625ca44e4",
-            "id": "A01.05",
+            "id": "A01.06",
             "severity": "Medium",
             "link": "https://learn.microsoft.com/azure/cost-management-billing/manage/direct-ea-administration#manage-notification-contacts"
         },
@@ -56,7 +65,7 @@
             "text": "Use Privileged Identity Management in AAD for ARO users with privileged roles.",
             "waf": "Security",
             "guid": "685e2223-ace8-4bb1-8307-ca5f16f154e3",
-            "id": "A01.06",
+            "id": "A01.07",
             "severity": "Medium",
             "link": "https://learn.microsoft.com/azure/active-directory/privileged-identity-management/pim-configure"
         },
@@ -158,7 +167,7 @@
             "guid": "467a1f89-35bd-4a43-924f-14811533182a",
             "id": "C01.03",
             "severity": "Low",
-            "link": "https://learn.microsoft.com/azure/active-directory-domain-services/overview"
+            "link": "https://learn.microsoft.com/azure/architecture/guide/design-principles/managed-services"
         },
         {
             "category": "Operations management",