If you’re processing Credit Card Payments on the OpenShift Container Platform, the Payment Card Industry and the Data Security Standard is a must on your cluster.
With Red Hat’s release of the Compliance Operator v0.1.59, they added support for IBM Power Systems.
I wanted to share a couple of notes about the Compliance Operator:
- The Compliance Operator supports the
- The Compliance Operator sources the profiles which have a set of rules from ComplianceAsCode/content. For instance, you can see the OpenShift profiles at products/ocp4/profiles/.
- The Compliance Operator PCI-DSS profiles support v3.2.1.
- If you see a profile with a postfix of
-node, it’s focus is on the Operating System.
- If you see no
-nodeon the profile name, it’s focus is on the Kubernetes and OpenShift platform.
Clarification 2023-FEB-07 I learned the -node and node were actually there due to limitations in oscap, together they represent the same profile and are expected to be applied together.
I hope this quick notes help you.
Leave a Reply