kubernetes_compliance

Kubernetes Compliance

Containers in a Pod should not able to access any specific paths of the host file system. There are many ways a container with unrestricted access to the host filesystem can escalate privileges, including reading data from other containers, and abusing the credentials of system services, such as Kubelet.

pod_volume_host_path

nsa_cisa_v1_pod_security_container_disallow_host_path

Containers should not use hostPath mounts

all_controls_pod

Pod containers should not allow privilege escalation

kubernetes

Run individual controls or full compliance benchmarks for CIS, NSA CISA Kubernetes Hardening Guidance across all of your Kubernetes clusters using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-kubernetes-compliance

Control: Pod containers should not allow privilege escalation

Description

Usage

SQL

Tags