🚀Launch Week 07, January 27th - 31st, 2025🚀

Plugins Docs Home

turbot/steampipe-mod-kubernetes-insights

0Benchmarks

0Variables

Kubernetes Cluster Dashboard Kubernetes Cluster Detail Kubernetes Cluster Role Detail Kubernetes Container Dashboard Kubernetes Container Detail Kubernetes CronJob Age Report Kubernetes CronJob Dashboard Kubernetes CronJob Detail Kubernetes CronJob Host Access Report Kubernetes DaemonSet Age Report Kubernetes DaemonSet Dashboard Kubernetes DaemonSet Detail Kubernetes DaemonSet Host Access Report Kubernetes Deployment Age Report Kubernetes Deployment Dashboard Kubernetes Deployment Detail Kubernetes Deployment HA Report Kubernetes Deployment Host Access Report Kubernetes Job Age Report Kubernetes Job Dashboard Kubernetes Job Detail Kubernetes Job Host Access Report Kubernetes Namespace Age Report Kubernetes Namespace Detail Kubernetes Namespace Report Kubernetes Node Age Report Kubernetes Node Detail Kubernetes Node Report Kubernetes Pod Age Report Kubernetes Pod Dashboard Kubernetes Pod Detail Kubernetes Pod Host Access Report Kubernetes RBAC - Who can delete events?Kubernetes RBAC - Who can delete pods?Kubernetes RBAC - Who can escalate privileges via node/proxy?Kubernetes RBAC - Who can exec into pods?Kubernetes RBAC - Who can read secrets?Kubernetes RBAC Explorer Kubernetes ReplicaSet Age Report Kubernetes ReplicaSet Dashboard Kubernetes ReplicaSet Detail Kubernetes ReplicaSet Host Access Report Kubernetes Role Detail Kubernetes Service Account Detail Kubernetes Service Age Report Kubernetes Service Dashboard Kubernetes Service Detail Kubernetes StatefulSet Age Report Kubernetes StatefulSet Dashboard Kubernetes StatefulSet Detail Kubernetes StatefulSet Host Access Report

Dashboard: Kubernetes Container Detail

This dashboard answers the following questions for each container:

What relationships does the container have with other resources?
How is my container configured?
Is my container privileged or not?
What volume mounts are applied?

This dashboard contains 5 cards, 1 graph, 1 input and 3 tables.

Usage

Install the mod:

mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-kubernetes-insights

Start the Powerpipe server:

steampipe service start
powerpipe server

Open http://localhost:9033 in your browser and select Kubernetes Container Detail dashboard.

You could also snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe dashboard run kubernetes_insights.dashboard.container_detail --share

Queries

This dashboard uses the the following queries:

select
  case when c -> 'securityContext' ->> 'allowPrivilegeEscalation' = 'true' then 'Enabled' else 'Disabled' end as value,
  'Privilege Escalation' as label,
  case when c -> 'securityContext' ->> 'allowPrivilegeEscalation' = 'true' then 'alert' else 'ok' end as type
from
  kubernetes_pod,
  jsonb_array_elements(containers) as c
where
  concat(c ->> 'name',name) = $1;

{
  "$1": "name"
}

Tags

service = Kubernetes/Container