diff --git a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer/001_kube_enforcer_config.yaml b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer/001_kube_enforcer_config.yaml index 805bd445f..91e3c45e2 100644 --- a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer/001_kube_enforcer_config.yaml +++ b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer/001_kube_enforcer_config.yaml @@ -23,7 +23,7 @@ data: # Enable KA policy scanning via starboard AQUA_KAP_ADD_ALL_CONTROL: "true" AQUA_WATCH_CONFIG_AUDIT_REPORT: "true" - AQUA_KB_IMAGE_NAME: "aquasec/kube-bench:v0.7.3" + AQUA_KB_IMAGE_NAME: "registry.aquasec.com/kube-bench:v0.9.0" AQUA_ME_IMAGE_NAME: "registry.aquasec.com/microenforcer:2022.4" AQUA_KB_ME_REGISTRY_NAME: "aqua-registry" AQUA_ENFORCER_DS_NAME: "aqua-agent" #Sets Daemonset name @@ -260,7 +260,7 @@ metadata: name: configauditreports.aquasecurity.github.io labels: app.kubernetes.io/managed-by: starboard - app.kubernetes.io/version: "0.15.20" + app.kubernetes.io/version: "0.15.22" spec: group: aquasecurity.github.io versions: @@ -390,7 +390,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.20" + app.kubernetes.io/version: "0.15.22" --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole diff --git a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer/003_kube_enforcer_deploy.yaml b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer/003_kube_enforcer_deploy.yaml index d04cb0221..6ec66aa95 100644 --- a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer/003_kube_enforcer_deploy.yaml +++ b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer/003_kube_enforcer_deploy.yaml @@ -114,7 +114,7 @@ spec: securityContext: {} containers: - name: operator - image: docker.io/aquasec/starboard-operator:0.15.20 + image: registry.aquasec.com/starboard-operator:0.15.22 imagePullPolicy: IfNotPresent securityContext: privileged: false diff --git a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_advanced/001_kube_enforcer_config.yaml b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_advanced/001_kube_enforcer_config.yaml index afe46475f..5db4c9ab0 100644 --- a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_advanced/001_kube_enforcer_config.yaml +++ b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_advanced/001_kube_enforcer_config.yaml @@ -402,7 +402,7 @@ metadata: name: configauditreports.aquasecurity.github.io labels: app.kubernetes.io/managed-by: starboard - app.kubernetes.io/version: "0.15.20" + app.kubernetes.io/version: "0.15.22" spec: group: aquasecurity.github.io versions: @@ -532,7 +532,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.20" + app.kubernetes.io/version: "0.15.22" --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole diff --git a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_advanced/003_kube_enforcer_deploy.yaml b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_advanced/003_kube_enforcer_deploy.yaml index a8d0a8998..2737b9f19 100644 --- a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_advanced/003_kube_enforcer_deploy.yaml +++ b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_advanced/003_kube_enforcer_deploy.yaml @@ -78,7 +78,7 @@ spec: - name: CLUSTER_NAME value: "Default-cluster-name" # Cluster display name in aqua enterprise. - name: AQUA_KB_IMAGE_NAME - value: "aquasec/kube-bench:v0.7.3" + value: "registry.aquasec.com/kube-bench:v0.9.0" - name: AQUA_ME_IMAGE_NAME value: "registry.aquasec.com/microenforcer:2022.4" - name: AQUA_KB_ME_REGISTRY_NAME @@ -174,7 +174,7 @@ spec: securityContext: {} containers: - name: operator - image: docker.io/aquasec/starboard-operator:0.15.20 + image: registry.aquasec.com/starboard-operator:0.15.22 imagePullPolicy: IfNotPresent securityContext: privileged: false diff --git a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_advanced_trivy/003_kube_enforcer_deploy.yaml b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_advanced_trivy/003_kube_enforcer_deploy.yaml index d2f563dd8..5f50fc2dd 100644 --- a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_advanced_trivy/003_kube_enforcer_deploy.yaml +++ b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_advanced_trivy/003_kube_enforcer_deploy.yaml @@ -78,7 +78,7 @@ spec: - name: CLUSTER_NAME value: "Default-cluster-name" # Cluster display name in aqua enterprise. - name: AQUA_KB_IMAGE_NAME - value: "aquasec/kube-bench:v0.7.3" + value: "registry.aquasec.com/kube-bench:v0.9.0" - name: AQUA_ME_IMAGE_NAME value: "registry.aquasec.com/microenforcer:2022.4" - name: AQUA_KB_ME_REGISTRY_NAME diff --git a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_ocp3x/001_kube_enforcer_config.yaml b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_ocp3x/001_kube_enforcer_config.yaml index 5f252ab1e..040879741 100644 --- a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_ocp3x/001_kube_enforcer_config.yaml +++ b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_ocp3x/001_kube_enforcer_config.yaml @@ -23,7 +23,7 @@ data: # Enable KA policy scanning via starboard AQUA_KAP_ADD_ALL_CONTROL: "true" AQUA_WATCH_CONFIG_AUDIT_REPORT: "true" - AQUA_KB_IMAGE_NAME: "aquasec/kube-bench:v0.7.3" + AQUA_KB_IMAGE_NAME: "registry.aquasec.com/kube-bench:v0.9.0" AQUA_ME_IMAGE_NAME: "registry.aquasec.com/microenforcer:2022.4" AQUA_KB_ME_REGISTRY_NAME: "aqua-registry" AQUA_ENFORCER_DS_NAME: "aqua-agent" #Sets Daemonset name @@ -220,7 +220,7 @@ metadata: name: configauditreports.aquasecurity.github.io labels: app.kubernetes.io/managed-by: starboard - app.kubernetes.io/version: "0.15.20" + app.kubernetes.io/version: "0.15.22" spec: group: aquasecurity.github.io versions: @@ -351,7 +351,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.20" + app.kubernetes.io/version: "0.15.22" --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole diff --git a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_ocp3x/003_kube_enforcer_deploy.yaml b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_ocp3x/003_kube_enforcer_deploy.yaml index 729b03a05..12cead5a5 100644 --- a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_ocp3x/003_kube_enforcer_deploy.yaml +++ b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_ocp3x/003_kube_enforcer_deploy.yaml @@ -114,7 +114,7 @@ spec: securityContext: {} containers: - name: operator - image: docker.io/aquasec/starboard-operator:0.15.20 + image: registry.aquasec.com/starboard-operator:0.15.22 imagePullPolicy: IfNotPresent securityContext: privileged: false diff --git a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_trivy/001_kube_enforcer_config.yaml b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_trivy/001_kube_enforcer_config.yaml index e6d60101b..548fd3d16 100644 --- a/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_trivy/001_kube_enforcer_config.yaml +++ b/enforcers/kube_enforcer/kubernetes_and_openshift/manifests/kube_enforcer_trivy/001_kube_enforcer_config.yaml @@ -23,7 +23,7 @@ data: # Enable KA policy scanning via Trivy-Operator AQUA_KAP_ADD_ALL_CONTROL: "true" AQUA_WATCH_CONFIG_AUDIT_REPORT: "true" - AQUA_KB_IMAGE_NAME: "aquasec/kube-bench:v0.7.3" + AQUA_KB_IMAGE_NAME: "registry.aquasec.com/kube-bench:v0.9.0" AQUA_ME_IMAGE_NAME: "registry.aquasec.com/microenforcer:2022.4" AQUA_KB_ME_REGISTRY_NAME: "aqua-registry" AQUA_ENFORCER_DS_NAME: "aqua-agent" #Sets Daemonset name diff --git a/quick_start/kubernetes_and_openshift/manifests/aqua-csp-quick-default-storage.yaml b/quick_start/kubernetes_and_openshift/manifests/aqua-csp-quick-default-storage.yaml index eec9bd5e2..dd3d52303 100644 --- a/quick_start/kubernetes_and_openshift/manifests/aqua-csp-quick-default-storage.yaml +++ b/quick_start/kubernetes_and_openshift/manifests/aqua-csp-quick-default-storage.yaml @@ -799,7 +799,7 @@ data: # Enable KA policy scanning via starboard AQUA_KAP_ADD_ALL_CONTROL: "true" AQUA_WATCH_CONFIG_AUDIT_REPORT: "true" - AQUA_KB_IMAGE_NAME: "aquasec/kube-bench:v0.7.3" + AQUA_KB_IMAGE_NAME: "registry.aquasec.com/kube-bench:v0.9.0" AQUA_ME_IMAGE_NAME: "registry.aquasec.com/microenforcer:2022.4" AQUA_KB_ME_REGISTRY_NAME: "aqua-registry" AQUA_ENFORCER_DS_NAME: "aqua-agent" #Sets Daemonset name @@ -817,7 +817,7 @@ metadata: name: configauditreports.aquasecurity.github.io labels: app.kubernetes.io/managed-by: starboard - app.kubernetes.io/version: "0.15.20" + app.kubernetes.io/version: "0.15.22" spec: group: aquasecurity.github.io versions: @@ -925,7 +925,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.20" + app.kubernetes.io/version: "0.15.22" --- apiVersion: v1 kind: ServiceAccount @@ -1145,7 +1145,7 @@ spec: securityContext: {} containers: - name: operator - image: docker.io/aquasec/starboard-operator:0.15.20 + image: registry.aquasec.com/starboard-operator:0.15.22 imagePullPolicy: IfNotPresent securityContext: privileged: false diff --git a/quick_start/kubernetes_and_openshift/manifests/aqua-csp-quick-hostpath.yaml b/quick_start/kubernetes_and_openshift/manifests/aqua-csp-quick-hostpath.yaml index 79c86adeb..dda0a402d 100644 --- a/quick_start/kubernetes_and_openshift/manifests/aqua-csp-quick-hostpath.yaml +++ b/quick_start/kubernetes_and_openshift/manifests/aqua-csp-quick-hostpath.yaml @@ -816,7 +816,7 @@ data: # Enable KA policy scanning via starboard AQUA_KAP_ADD_ALL_CONTROL: "true" AQUA_WATCH_CONFIG_AUDIT_REPORT: "true" - AQUA_KB_IMAGE_NAME: "aquasec/kube-bench:v0.7.3" + AQUA_KB_IMAGE_NAME: "registry.aquasec.com/kube-bench:v0.9.0" AQUA_ME_IMAGE_NAME: "registry.aquasec.com/microenforcer:2022.4" AQUA_KB_ME_REGISTRY_NAME: "aqua-registry" AQUA_ENFORCER_DS_NAME: "aqua-agent" #Sets Daemonset name @@ -835,7 +835,7 @@ metadata: name: configauditreports.aquasecurity.github.io labels: app.kubernetes.io/managed-by: starboard - app.kubernetes.io/version: "0.15.20" + app.kubernetes.io/version: "0.15.22" spec: group: aquasecurity.github.io versions: @@ -943,7 +943,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.20" + app.kubernetes.io/version: "0.15.22" --- apiVersion: v1 kind: ServiceAccount @@ -1163,7 +1163,7 @@ spec: securityContext: {} containers: - name: operator - image: docker.io/aquasec/starboard-operator:0.15.20 + image: registry.aquasec.com/starboard-operator:0.15.22 imagePullPolicy: IfNotPresent securityContext: privileged: false