turbot/kubernetes_compliance

daemonset_container_privilege_disableddaemonset_container_privilege_escalation_disableddaemonset_cpu_limitdaemonset_cpu_requestdaemonset_host_network_access_disableddaemonset_hostpid_hostipc_sharing_disableddaemonset_immutable_container_filesystemdaemonset_memory_limitdaemonset_memory_requestdaemonset_non_root_containerdeployment_container_privilege_disableddeployment_container_privilege_escalation_disableddeployment_cpu_limitdeployment_cpu_requestdeployment_host_network_access_disableddeployment_hostpid_hostipc_sharing_disableddeployment_immutable_container_filesystemdeployment_memory_limitdeployment_memory_requestdeployment_non_root_containerendpoint_api_serve_on_secure_portjob_container_privilege_disabledjob_container_privilege_escalation_disabledjob_cpu_limitjob_cpu_requestjob_host_network_access_disabledjob_hostpid_hostipc_sharing_disabledjob_immutable_container_filesystemjob_memory_limitjob_memory_requestjob_non_root_containernamespace_limit_range_default_cpu_limitnamespace_limit_range_default_cpu_requestnamespace_limit_range_default_memory_limitnamespace_limit_range_default_memory_requestnamespace_resource_quota_cpu_limitnamespace_resource_quota_cpu_requestnamespace_resource_quota_memory_limitnamespace_resource_quota_memory_requestnetwork_policy_default_deny_egressnetwork_policy_default_deny_ingressnetwork_policy_default_dont_allow_egressnetwork_policy_default_dont_allow_ingresspod_container_privilege_disabledpod_container_privilege_escalation_disabledpod_host_network_access_disabledpod_hostpid_hostipc_sharing_disabledpod_immutable_container_filesystempod_non_root_containerpod_security_policy_allowed_host_pathpod_security_policy_container_privilege_disabledpod_security_policy_container_privilege_escalation_disabledpod_security_policy_host_network_access_disabledpod_security_policy_hostpid_hostipc_sharing_disabledpod_security_policy_immutable_container_filesystempod_security_policy_non_root_containerpod_security_policy_security_services_hardeningpod_service_account_token_disabledpod_volume_host_pathreplicaset_container_privilege_disabledreplicaset_container_privilege_escalation_disabledreplicaset_cpu_limitreplicaset_cpu_requestreplicaset_host_network_access_disabledreplicaset_hostpid_hostipc_sharing_disabledreplicaset_immutable_container_filesystemreplicaset_memory_limitreplicaset_memory_requestreplicaset_non_root_containerreplication_controller_container_privilege_disabledreplication_controller_container_privilege_escalation_disabledreplication_controller_cpu_limitreplication_controller_cpu_requestreplication_controller_host_network_access_disabledreplication_controller_hostpid_hostipc_sharing_disabledreplication_controller_immutable_container_filesystemreplication_controller_memory_limitreplication_controller_memory_requestreplication_controller_non_root_containerservice_account_token_disabled

Queries in Kubernetes Compliance

The Kubernetes Compliance mod includes 80 queries: