Using Kubernetes Security Guardrails

This page assumes that you have worked through cluster account setup and management and enabled a scanner (either local or remote) to harvest and populate the data associated with Kubernetes Security Guardrails.

InsightCloudSec currently supports the setup and harvest of Kubernetes cluster details through two possible scanners: the remote scanner, which supports harvesting of managed Kubernetes clusters, and the local scanner, which supports managed Kubernetes clusters not accessible to InsightCloudSec and any self-managed Kubernetes clusters.

If you still need details on connecting your Kubernetes clusters or selecting a scanner, refer to the following pages:

Kubernetes Security Guardrails & Insights

Refer to the instructions below to identify and use Insights that apply to the findings generated for your Kubernetes cluster by Guardrails.

  1. From InsightCloudSec, navigate to Security>Insights.
  2. Select the Kubernetes Security logo from the list of cloud providers.
    If you have existing Kubernetes clusters there may be two logos. The one with the dot to the top right is for Insights that support Kubernetes Security Guardrails.
  3. Only Insights related to Kubernetes cluster security will display.
    • Further filtering using the Scopes function will allow you to narrow your search to identify issues with specific clusters or namespaces.
      • Namespaces will be available as a type of Resource Group and as such will appear within the navigation panel that includes Resource Groups.

View Insights for Kubernetes Security Guardrails

Create a Custom Pack for Kubernetes Security Guardrails

Many of these Insights are included in the Center for Internet Security (CIS) - Kubernetes (1.6.0) Compliance Packs. However, it is also possible to create Custom Packs.

  1. Navigate to Security>Insights.

  2. Select Custom Packs and click the CREATE PACK button.
    Provide a name, description, and complete any other options you desire.

  3. Click Submit.

  4. From Security>Insights, select Library.

    • Select the Kubernetes Security logo from the list of cloud logos.
    • Select the Insights you wish to add to your custom pack with the checkbox icon.
  5. Click the ACTIONS button and choose Add to pack from the menu.

  6. Locate your custom pack and select it to add the chosen Insights.

Viewing Kubernetes Security Guardrails Details in the Compliance Scorecard

In addition to viewing information about your clusters and namespaces through Insights, you can also view this information in the Compliance Scorecard. Simply select Cluster/Namespace (this is a filter mode that is specific to the Kubernetes Security Guardrails feature) or Cloud/Cluster (to include all Clusters - those previously added and anything new) and filter as desired.

Cluster/Namespace filter mode

If you select a single Cluster, the Cluster/Namespace filter mode will only display namespaces within the selected Cluster.

Take a look at our Compliance Scorecard documentation for complete details on this feature.