CCSS (Common Configuration Scoring System) is a set of measures used to determine the severity of the rule.
Each rule is associated with a high-level category. For example IAM, Container, Monitoring, Logging, Network, etc.
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsFailure to enable Hadoop Secure Mode/Kerberos in Google Cloud Dataproc increases the risk of unauthorized access and data breaches. Enabling Hadoop Secure Mode/Kerberos ensures authentication and encryption for secure cluster communication and protects sensitive data from unauthorized access.
Set the enable_kerberos
attribute to true
in kerberos_config
of the Dataproc cluster.
resource "google_dataproc_cluster" "mycluster" {
name = "clustera1"
region = "us-east-1"
cluster_config {
security_config {
kerberos_config {
kms_key_uri = "projects/test-project/locations/global/keyRings/kerberos-key-ring/cryptoKeys/kerberos-crypto-key"
root_principal_password_uri = "gs://kerberos-secret-bucket20/ciphertext.encrypted"
enable_kerberos = true
}
}
}
}