Kubernetes Compliance Mod
Run individual controls or full compliance benchmarks for
NSA and CISA Kubernetes Hardening Guidance across all of your Kubernetes clusters.
Kubernetes also known as K8s, is an open-source system for automating deployment, scaling, and management of containerized applications.
NSA & CISA Cybersecurity Technical Report describes the complexities of securely managing Kubernetes an open-source, container-orchestration system used to automate deploying, scaling, and managing containerized applications.
Steampipe is an open source CLI to instantly query cloud APIs using SQL.
Steampipe Mods are collections of
named queries, and codified
controls that can be used to test current configuration of your cloud resources against a desired configuration.
Install the Kubernetes plugin with Steampipe:
steampipe plugin install kubernetes
git clone https://github.com/turbot/steampipe-mod-kubernetes-compliance.gitcd steampipe-kubernetes-compliance
Run all benchmarks:
steampipe check all
Run a single benchmark:
steampipe check benchmark.nsa_cisa_v1_network_hardening_cpu_limit
Run a specific control:
steampipe check control.daemonset_cpu_limit
This mod uses the credentials configured in the Steampipe Kubernetes plugin.
No extra configuration is required.