k8s

Kubernetes Policies

With Kubernetes Policies, you can use CloudQuery to automatically check the compliance and security of your Kubernetes clusters. The pack supports the NSA and CISA Kubernetes Hardening Guidance v1.0.

$ cloudquery policy run k8s
Category: compliance
Version: v0.1.2
License: MPL-2.0

Official Kubernetes security & compliance policy pack for CloudQuery.

What is CloudQuery

The open-source cloud asset inventory powered by SQL.

CloudQuery extracts, transforms, and loads your cloud assets into normalized PostgreSQL tables. CloudQuery enables you to assess, audit, and evaluate the configurations of your cloud assets.

Included Policies

  • NSA and CISA Kubernetes Hardening Guidance v1.0

Quick Start

Prerequisite

  1. Install CloudQuery

# install with brew
brew install cloudquery/tap/cloudquery
# or download precompiled binaries from https://github.com/cloudquery/cloudquery/releases

  2. Download and Configure K8S Provider

cloudquery init k8s

  3. Fetch

# connect or run a local PostgreSQL
docker run -p 5432:5432 -e POSTGRES_PASSWORD=pass -d postgres
# extract your cloud infra configuration
cloudquery fetch

Running

# Describe what is available in the policy pack
cloudquery policy describe k8s
# Run the whole pack
cloudquery policy run k8s
# Run specific policy
cloudquery policy run k8s//nsa_cisa_v1