Control: Replication Controller containers should have securityContext defined
Description
This check ensures that the container is running with a defined security context.
Usage
Run the control in your terminal:
powerpipe control run kubernetes_compliance.control.replication_controller_container_security_context_existsSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run kubernetes_compliance.control.replication_controller_container_security_context_exists --shareSQL
This control uses a named query:
select coalesce(uid, concat(path, ':', start_line)) as resource, case when c -> 'securityContext' is not null then 'ok' else 'alarm' end as status, case when c -> 'securityContext' is not null then c ->> 'name' || ' security context exists.' else c ->> 'name' || ' security context does not exist.' end as reason, name as replication_controller_name , coalesce(context_name, '') as context_name, namespace, source_type, coalesce(path || ':' || start_line || '-' || end_line, '') as pathfrom kubernetes_replication_controller, jsonb_array_elements(template -> 'spec' -> 'containers') as c;