Using Kubernetes Security Guardrails
Details on Working with the InsightCloudSec Kubernetes Guardrails Feature.
This page assumes that you have worked through your clusters account setup and management and enabled a scanner (either local or remote) to harvest and populate the data associated with Kubernetes Security Guardrails.
InsightCloudSec currently supports the setup and harvest of Kubernetes cluster details through two possible scanners. The remote scanner, which supports harvesting of managed Kubernetes clusters - and the local scanner, which supports managed Kubernetes clusters not accessible to InsightCloudSec and any self-managed Kubernetes clusters.
If you still need details on connecting your Kubernetes clusters or selecting a scanner refer the following pages:
Kubernetes Security Guardrails & Insights
Refer to the instructions below to identify and use Insights that apply to the findings generated for your Kubernetes cluster by Guardrails
- Refer to our Insights documentation for detailed information on this feature.
- You can also find check out instructions on Creating a Custom Insight Pack
- If you have questions or need assistance reach out to us through the Customer Support Portal.
View Insights Related to Kubernetes Security Guardrails
1. From InsightCloudSec navigate to "Security → Insights".
2. Select the logo from the list of cloud providers.
- Note: If you have existing Kubernetes clusters there may be two logos. The one with the dot to the top right is for Insights that support Kubernetes Security Guardrails.
3. Only Insights related to the Kubernetes cluster security will display.
- Further filtering using the Scopes function will allow you to narrow your search to identify issues with specific clusters or namespaces.
- Note: Namespaces will be available as a "type" of Resource Group and as such will appear within the navigation panel that includes Resource Groups.
Create a Custom Pack for Kubernetes Security Guardrails
Many of these Insights are included in the “Center for Internet Security (CIS) - Kubernetes (1.6.0)” Compliance Packs. However, it is also possible to create Custom Packs.
1. Navigate to "Security → Insights".
2. Select "Custom Packs" and click the “CREATE PACK” button.
- Provide a name, description, and complete any other options you desire.
3. Click “Submit”.
4. From "Security --> Insights", select Library
- Select the "Kubernetes Security" logo from the list of cloud logos
- Select the Insights you wish to add to your custom pack with the checkbox icon
5. Click the “ACTIONS” button and choose “Add to pack” from the menu
6. Locate your custom pack and select to add the selected Insights.
Viewing Kubernetes Security Guardrails Details in the Compliance Scorecard
In addition to viewing information about your clusters and namespaces through Insights, you can also view this information in the Compliance Scorecard. Simply select Cluster/Namespace (this is a filter mode that is specific to the Kubernetes Security Guardrails feature) or Cloud/Cluster (to include *all Clusters - those previously added and anything new) and filter as desired.
*Important Note: The Cluster/Namespace filter mode will only display namespaces within the Cluster selected, if you select a single Cluster.*
- Take a look at our Compliance Scorecard documentation for complete details on this feature.
Updated 5 months ago