This document describes the level of compliance that Google Distributed Cloud has with the CIS Container-Optimized OS Benchmark. The Benchmark is a set of recommendations for configuring instances that use Container-Optimized OS to support a strong security posture.
Access the benchmark
The CIS Container-Optimized OS Benchmark is available on the CIS website:
- Go to the CIS Benchmarks downloads page.
- Search for CIS Google Container-Optimized OS Benchmark.
- Click Download PDF.
Recommendation levels
The following table describes the recommendation levels for the CIS Container-Optimized OS Benchmark.
| Level | Description |
|---|---|
| Level 1 | Recommendations at this level are meant to be applicable to the majority of environments. |
| Level 2 | Extends the Level 1 profile, resulting in a more stringent security environment. |
Status of Google Distributed Cloud
The Container-Optimized OS images used with Google Distributed Cloud are hardened to meet the CIS Level 1 - Server profile. All Google Distributed Cloud components pass the recommendations for this level.