Comments (5)
@dorukozturk , herewith the proposed JSON output that will help:
{ "cluster_wide": { "security": { "iam": { "disable_anonymous_access_for_cluster_roles": ["RESOURCE#1", "RESOURCE#3"] }, "multi_tenancy": { "ensure_namespace_quotas_exist": ["RESOURCE#4"] } }, "reliability": { "applications": { "check_metrics_server_is_running": ["RESOURCE#1", "RESOURCE#2"], "check_vertical_pod_autoscaler_exists": ["RESOURCE#3"] } } }, "namespace_based": { "pod_security": { "disallow_container_socket_mount": ["RESOURCE#4", "RESOURCE#2", "RESOURCE#1"], "set_requests_limits_for_containers": ["RESOURCE#5"] } } }
from hardeneks.
Do we have estimate timeline on when this will be deliver? @dorukozturk
from hardeneks.
@kuettai Realistically, early March I can deliver this. Even though it is relatively simple, I am planning to refactor the code a little and will try to integrate this feature as part of that big refactor.
from hardeneks.
I'd also be interested in this. Would simplify the process of introducing failed checks to a board
from hardeneks.
@mission-coliveros This PR implements it (#21). It is getting reviewed and will be merged soon. After that I will release the new version and close this issue. Thanks for trying :)
from hardeneks.
Related Issues (20)
- System ClusterRoles should have '*' in Verbs or Resources and Maybe Others? HOT 1
- Unique identifier for each rules HOT 1
- Hardeneks doesn't work through the SSH tunnel HOT 5
- brew packaging HOT 5
- Add Date and Time to the Report Output HOT 1
- Not Able to Run On Windows
- Namespaces should have psa modes. - Not working HOT 3
- False Positive With "Don't bind clusterroles to anonymous/unauthenticated groups." HOT 2
- False Positive with "Update the aws-node daemonset to use IRSA." HOT 3
- Feature Request: Add a flag to generate a config file with all rules HOT 2
- HTML output is narrowed in linux runtime HOT 3
- JSON report not similar to HTML or TXT
- Typo for result object in rule "Namespaces should have quotas assigned" HOT 1
- doesn't work with sso HOT 4
- Check for runAsUser and runAsGroup at container level HOT 1
- Read-only root file system check broken if the container.security_context not defined HOT 1
- JSON Output Overwrites Results for Different Namespaces HOT 1
- Link is truncated for long links HOT 4
- Possibility to export to save the report HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from hardeneks.