Prisma Cloud Checks fails for secret store CSI driver Daemonset #1680

mustaFAB53 · 2024-10-30T08:56:24Z

Describe the solution you'd like
On running Prisma Cloud Scan, we could see following checks getting failed for secret-store-csi-driver daeomonset

Mount container's root filesystem as read only
Do not disable default seccomp profile
Restrict container from acquiring additional privileges
Do not set mount propagation mode to shared
Container is running as root
Do not use privileged containers
Verify AppArmor profile, if applicable

Does all these failures needs to be added in exceptions considering functional requirements of secret store CSI driver or are there any chances we can resolve few of them.

Environment:

Secrets Store CSI Driver version: v1.4.6 (driver:v1.4.0, csi-node-driver-registrar:v2.8.0, livenessprobe:v2.10.0)
Kubernetes version: v1.29

The text was updated successfully, but these errors were encountered:

mustaFAB53 · 2024-11-04T05:03:46Z

Hi Team
Any updates / comments on this ?

mustaFAB53 added the kind/feature Categorizes issue or PR as related to a new feature. label Oct 30, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Prisma Cloud Checks fails for secret store CSI driver Daemonset #1680

Prisma Cloud Checks fails for secret store CSI driver Daemonset #1680

mustaFAB53 commented Oct 30, 2024 •

edited

Loading

mustaFAB53 commented Nov 4, 2024

Prisma Cloud Checks fails for secret store CSI driver Daemonset #1680

Prisma Cloud Checks fails for secret store CSI driver Daemonset #1680

Comments

mustaFAB53 commented Oct 30, 2024 • edited Loading

mustaFAB53 commented Nov 4, 2024

mustaFAB53 commented Oct 30, 2024 •

edited

Loading