turbot/kubernetes_compliance

Query: deployment_container_privilege_escalation_disabled

Usage

powerpipe query kubernetes_compliance.query.deployment_container_privilege_escalation_disabled

Steampipe Tables

SQL

select
coalesce(uid, concat(path, ':', start_line)) as resource,
case
when c -> 'securityContext' ->> 'allowPrivilegeEscalation' = 'false' then 'ok'
else 'alarm'
end as status,
case
when c -> 'securityContext' ->> 'allowPrivilegeEscalation' = 'false' then c ->> 'name' || ' not allowed root elevation.'
else c ->> 'name' || ' allowed root elevation.'
end as reason,
name as deployment_name
, coalesce(context_name, '') as context_name, namespace, source_type, coalesce(path || ':' || start_line || '-' || end_line, '') as path
from
kubernetes_deployment,
jsonb_array_elements(template -> 'spec' -> 'containers') as c;

Controls

The query is being used by the following controls: