Commit

Rename assessment guides, configure redirects
Signed-off-by: Derek Nola <derek.nola@suse.com>
dereknola committed Apr 24, 2024
1 parent 4e73692 commit 0ed0a08
Showing 7 changed files with 16 additions and 11 deletions.
3 changes: 0 additions & 3 deletions docs/advanced.md
@@ -1,8 +1,5 @@
---
title: "Advanced Options / Configuration"
aliases:
- /k3s/latest/en/running/
- /k3s/latest/en/configuration/
---

This section contains advanced information describing the different ways you can run and manage K3s, as well as steps necessary to prepare the host OS for K3s use.
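Review bot: The three removed front-matter lines drop the `/k3s/latest/en/running/` and `/k3s/latest/en/configuration/` aliases, and nothing visible in this commit replaces them: the docusaurus.config.js hunk adds only the `/security/self-assessment` redirect. If the site build still honored these aliases, the legacy URLs will stop resolving to this page. Either add matching `from`/`to` entries to the redirects list, or state in the commit message that the aliases are being retired on purpose, since the title mentions only the assessment guides.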
2 changes: 1 addition & 1 deletion docs/security/hardening-guide.md
Expand Up @@ -852,4 +852,4 @@ For `default` service accounts in the built-in namespaces (`kube-system`, `kube-

## Conclusion

If you have followed this guide, your K3s cluster will be configured to comply with the CIS Kubernetes Benchmark. You can review the [CIS Benchmark Self-Assessment Guide](self-assessment.md) to understand the expectations of each of the benchmark's checks and how you can do the same on your cluster.
If you have followed this guide, your K3s cluster will be configured to comply with the CIS Kubernetes Benchmark. You can review the [CIS 1.8 Self-Assessment Guide](self-assessment-1.8.md) to understand the expectations of each of the benchmark's checks and how you can do the same on your cluster.
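Review bot: The new link in the Conclusion points only to `self-assessment-1.8.md`, while docs/security/security.md in this same commit presents both the 1.23 and 1.8 assessments as available. An operator who should assess against 1.23 gets no pointer from the hardening guide, and the sentence still says "the CIS Kubernetes Benchmark" without a version. Consider linking both guides (or linking to security.md) and naming the benchmark version the hardening guide targets. The link text "CIS 1.8 Self-Assessment Guide" also differs from "CIS 1.8 Benchmark Self-Assessment Guide" used in security.md; pick one name.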
11 changes: 9 additions & 2 deletions docs/security/security.md
Expand Up @@ -4,7 +4,14 @@ title: "Security"

This section describes the methodology and means of securing a K3s cluster. It's broken into 2 sections. These guides assume k3s is running with embedded etcd.

The documents below apply to CIS Kubernetes Benchmark v1.23.
First the hardening guide provides a list of security best practices to secure a K3s cluster.

* [Hardening Guide](hardening-guide.md)
* [CIS Benchmark Self-Assessment Guide](self-assessment.md)

Second, is the self assessment to validate a hardened cluster. We currently have two different assessments available:

* [CIS 1.23 Benchmark Self-Assessment Guide](self-assessment-1.23.md), older version of the CIS benchmark

* [CIS 1.8 Benchmark Self-Assessment Guide](self-assessment-1.8.md), newer version of the CIS benchmark


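Review bot: The two added list entries describe the guides only as "older version" and "newer version" of the benchmark, which does not tell an operator which one to run against their cluster. The 1.8 guide in this commit states it is specific to the v1.26-v1.29 release line of K3s; put the applicable K3s release line next to each link here so the choice can be made from this page. The removed sentence was also the only statement of which benchmark version the documents apply to, so the Hardening Guide entry now carries no version at all. Smaller points: "First the hardening guide" needs a comma after "First", "Second, is the self assessment" should drop the comma, the blank line between the two bullets splits the list, and the hunk ends with two extra blank lines.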
File renamed without changes.
Expand Up @@ -6,7 +6,7 @@ title: CIS 1.8 Self Assessment Guide

This document is a companion to the [K3s security hardening guide](hardening-guide.md). The hardening guide provides prescriptive guidance for hardening a production installation of K3s, and this benchmark guide is meant to help you evaluate the level of security of the hardened cluster against each control in the CIS Kubernetes Benchmark. It is to be used by K3s operators, security teams, auditors, and decision-makers.

This guide is specific to the **vv1.26-v1.29** release line of K3s and the **v1.8** release of the CIS Kubernetes Benchmark.
This guide is specific to the **v1.26-v1.29** release line of K3s and the **v1.8** release of the CIS Kubernetes Benchmark.

For more information about each control, including detailed descriptions and remediations for failing tests, you can refer to the corresponding section of the CIS Kubernetes Benchmark v1.8. You can download the benchmark, after creating a free account, in [Center for Internet Security (CIS)](https://www.cisecurity.org/benchmark/kubernetes/).

Expand Down Expand Up @@ -1781,7 +1781,7 @@ it is set to an empty array.

**Remediation:**
Review the use of capabilities in applications running on your cluster. Where a namespace
contains applicaions which do not require any Linux capabities to operate consider adding
contains applications which do not require any Linux capabities to operate consider adding
a PSP which forbids the admission of containers which do not drop all capabilities.

### 5.2.11 Minimize the admission of Windows HostProcess containers (Manual)
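Review bot: The changed line fixes "applicaions" but leaves "capabities" misspelled in the same sentence ("do not require any Linux capabities to operate"); fix both in this pass. Separately, the unchanged context line recommends "adding a PSP", but PodSecurityPolicy was removed in Kubernetes v1.25 and this guide is stated to cover the v1.26-v1.29 release line, so the remediation as written cannot be applied on the clusters the guide targets. Worth checking this wording against the v1.8 benchmark text in a follow-up.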
3 changes: 2 additions & 1 deletion docusaurus.config.js
Expand Up @@ -122,7 +122,8 @@ module.exports = {
{ from: '/backup-restore/backup-restore', to: '/datastore/backup-restore' },
{ from: '/reference/agent-config', to: '/cli/agent' },
{ from: '/reference/server-config', to: '/cli/server' },
{ from: '/installation/network-options', to: '/networking/basic-network-options' },
{ from: '/installation/network-options', to: '/networking/basic-network-options' },
{ from: '/security/self-assessment', to: '/security/self-assessment-1.23' },
],
},
],
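Review bot: Only `/security/self-assessment` gets a redirect here, but the sidebars.js hunk in this commit also replaces `'security/cis-1.8'` with `'security/self-assessment-1.8'`, so the old `/security/cis-1.8` URL appears to be left without a redirect. Add `{ from: '/security/cis-1.8', to: '/security/self-assessment-1.8' }` alongside the new entry if that page was previously published. The `/installation/network-options` line is also removed and re-added with no visible change; if that is whitespace only, drop it from the diff to keep the change minimal.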
4 changes: 2 additions & 2 deletions sidebars.js
Expand Up @@ -45,8 +45,8 @@ module.exports = {
items:[
'security/secrets-encryption',
'security/hardening-guide',
'security/cis-1.8',
'security/self-assessment',
'security/self-assessment-1.8',
'security/self-assessment-1.23',
],
},
{
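Review bot: The sidebar now lists `'security/self-assessment-1.8'` before `'security/self-assessment-1.23'`, while the list added to docs/security/security.md in this commit puts 1.23 first. Use the same order in both places; newest first is the more useful default, since that is the guide most readers should land on.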
