UNCLASSIFIED - NO CUI

Skip to content

Refactor Twistlock ServiceAccount hardening to use wildcard

Justen Mehl requested to merge 1866-refactor-twistlock-hardening into master

General MR

Summary

Omits the serviceAccounts list in Twistlock automountServiceAccountToken hardening, allowing the mutator to target all SAs via wildcard. This is more robust and better accommodates upstream changes over time.

At the moment, however, this is a simple refactor and there is no change to the original hardening.

Relevant logs/screenshots

N/A

Linked Issue

Closes https://repo1.dso.mil/big-bang/bigbang/-/issues/1866

Upgrade Notices

N/A

Edited by Justen Mehl

Merge request reports

Loading