kubernetes_compliance

Kubernetes Compliance

Kubernetes Roles and ClusterRoles provide access to resources based on sets of objects and actions that can be taken on those objects. It is possible to set either of these to be the wildcard "*" which matches all items. Use of wildcards is not optimal from a security perspective as it may allow for inadvertent access to be granted when new resources are added to the Kubernetes API either as CRDs or in later versions of the product.

role_with_wildcards_used

all_controls_role

Role

Minimize wildcard use in Roles and ClusterRoles

kubernetes

Run individual controls or full compliance benchmarks for CIS, NSA CISA Kubernetes Hardening Guidance across all of your Kubernetes clusters using Powerpipe and Steampipe.

Control: Minimize wildcard use in Roles and ClusterRoles

Description

Usage

SQL

Tags