Adjust PCI-DSS 4.2.1

- Add api_server_tls_cert rule - Tweak note on requirement 4.2.1
ComplianceAsCode · Jun 6, 2024 · 6c27d39 · 6c27d39
1 parent 997b24c
commit 6c27d39
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/controls/pcidss_4_ocp4.yml b/controls/pcidss_4_ocp4.yml
@@ -1255,6 +1255,7 @@ controls:
         - tls_version_check_masters_workers
         - tls_version_check_router
         - etcd_check_cipher_suite
+        - api_server_tls_cert
         - api_server_tls_security_profile
         - ingress_controller_certificate
         - ingress_controller_tls_security_profile
@@ -1273,7 +1274,7 @@ controls:
         status: not applicable
         notes: |-
           OpenShift doesn't directly handle PANs, the management of keys and certificates
-          protecting a PAN is resposibility of the application.
+          protecting them is responsibility of the payment application.
 
       - id: 4.2.1.2
         title: Wireless networks transmitting PAN or connected to the CDE use industry best