add missing identifier and fix indentation

sig-bsi-grundschutz · Jul 16, 2024 · 601416f · 601416f
1 parent 2174217
commit 601416f
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 6 deletions.
diff --git a/applications/openshift/general/general_node_separation/rule.yml b/applications/openshift/general/general_node_separation/rule.yml
@@ -3,20 +3,28 @@ documentation_complete: true
 title: 'Create Boundaries between Resources using Nodes or Clusters'
 
 description: |-
-   Use Nodes or Clusters to isolate Workloads with high protection requirements.
+    Use Nodes or Clusters to isolate Workloads with high protection requirements.
 
-   Run the following command and review the pods and how they are deployed on Nodes. <pre>$ oc get pod -o=custom-columns=NAME:.metadata.name,NAMESPACE:.metadata.namespace,APP:.metadata.labels.app\.kubernetes\.io/name,NODE:.spec.nodeName --all-namespaces | grep -v "openshift-" </pre>
-   You can use labels or other data as custom field which helps you to identify parts of an application.
-   Ensure that Applications with high protection requirements are not colocated on Nodes or in Clusters with workloads of lower protection requirements.
+    Run the following command and review the pods and how they are deployed on Nodes.
+    <pre>$ oc get pod -o=custom-columns=NAME:.metadata.name,NAMESPACE:.metadata.namespace,APP:.metadata.labels.app\.kubernetes\.io/name,NODE:.spec.nodeName --all-namespaces | grep -v "openshift-" </pre>
+    You can use labels or other data as custom field which helps you to identify parts of an application.
+    Ensure that Applications with high protection requirements are not colocated on Nodes or in Clusters
+    with workloads of lower protection requirements.
 
 rationale: |-
-   Assigning workloads with high protection requirements to specific nodes creates and additional boundary (the node) between workloads of high protection requirements and workloads which might follow less strict requirements. An adversary which attacked a lighter protected workload now has additional obstacles for their movement towards the higher protected workloads.
+    Assigning workloads with high protection requirements to specific nodes creates and additional
+    boundary (the node) between workloads of high protection requirements and workloads which might
+    follow less strict requirements. An adversary which attacked a lighter protected workload now has
+    additional obstacles for their movement towards the higher protected workloads.
 
 references:
     bsi: APP.4.4.A14,APP.4.4.A15
 
 severity: medium
 
+identifiers:
+    cce@ocp4: CCE-90279-1
+
 ocil_clause: 'Application placement on Nodes and Clusters needs review'
 
 ocil: |-

diff --git a/shared/references/cce-redhat-avail.txt b/shared/references/cce-redhat-avail.txt
@@ -1353,7 +1353,6 @@ CCE-88725-7
 CCE-88727-3
 CCE-88728-1
 CCE-88729-9
-CCE-88731-5
 CCE-88734-9
 CCE-88735-6
 CCE-88736-4