Why am I getting a platform mismatch error message when running a GKE assessment

Product Name

CIS Hardened Images® (Google Cloud Platform)

Product Version

All

Date

Dec 22, 2021

Problem

When I run a CIS-CAT Pro Assessment against my GKE system I am getting a platform mistmatch.

OR

How do you run CIS Google Kubernetes Engine (GKE) Benchmark in a typical environment?

Solution

With GKE, you can use CIS Benchmarks for: GKE, Kubernetes, Docker, and Linux. Note that Container-Optimized OS (COS), the default node OS for GKE, does not have a CIS Benchmark; and that the container runtime containerd also does not have a CIS Benchmark.

Please see the below article which explains what the CIS Kubernetes and Google Kubernetes Engine (GKE) Benchmarks are, how to audit your compliance with the Benchmarks, and what GKE configures where you cannot directly audit or implement a recommendation yourself. https://cloud.google.com/kubernetes-engine/docs/concepts/cis-benchmarks

The GKE Benchmark can be run against a container, but it is built and tested with a "full system" in mind.

Keywords; GKE Container

Content by Label

Page:

Feature Enhancement Requests for CIS Products

Center for Internet Security®

Privacy Policy