Skip to content
/ kubearmor-adapter Public

This KubeArmor Policy Report adapter converts output received from KubeArmor and produces a policy report based on the Policy Report Custom Resource Definition.

3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

haardikdharma10/kubearmor-adapter

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

35 Commits

assets

assets

 
 

crd

crd

 
 

pkg

pkg

 
 

samples

samples

 
 

README.md

README.md

 
 

go.mod

go.mod

 
 

go.sum

go.sum

 
 

main.go

main.go

 
 

Repository files navigation

kubearmor-adapter

This KubeArmor Policy Report adapter converts output received from KubeArmor and produces a policy report based on the Policy Report Custom Resource Definition.

Running

Pre-requisites:

  • Follow the Development Guide to install and run KubeArmor on your machine. Using a vagrant environment is highly recommended. Once you have KubeArmor up and running on your machine, you're ready to create and update policy reports.

Steps:

# 1. Clone the kubearmor-adapter GitHub repository
git clone https://github.com/haardikdharma10/kubearmor-adapter
# 2. cd into kubearmor-adapter directory
cd kubearmor-adapter
# 3. Create a CustomResourceDefinition
kubectl create -f crd/v1alpha2/wgpolicyk8s.io_policyreports.yaml
# 4. Run main.go program
go run main.go

Note: Make sure you have the KubeArmor service running in the background before you run this command. If not, you can cd into KubeArmor/KubeArmor and run make clean && make run.

# 5. Open a new terminal window and deploy the multiubuntu microservice.
cd KubeArmor/examples/multiubuntu
kubectl apply -f .
#6. Deploy a security policy for testing
cd KubeArmor/examples/multiubuntu/security-policies
kubectl -n multiubuntu apply -f ksp-group-1-proc-path-block.yaml
#7. Trigger a policy violation by running the following command
kubectl -n [namespace-name] exec -it [pod-name] -- bash -c "/bin/sleep 1"

Note: In this example, namespace-name is multiubuntu and you can get the pod name by running kubectl get pods -n multiubuntu. An example pod-name is ubuntu-1-deployment-5d6b975744-rrkhh.

Once this command is executed, you'll get the output as below in the terminal window where main.go is running:

image

If you can see the output as above, this means that your first policyreport is created. You can now stop running the main program.

Viewing reports

You can view the summary of the created policyreport by running the following command:

kubectl get policyreports -n multiubuntu

To view the policyreport in yaml format, you can use:

kubectl get policyreports -n multiubuntu -o yaml

To view the report in a separate yaml file you can use:

kubectl get policyreports -o yaml > res.yaml

A new file res.yaml will be created in the kubearmor-adapter directory. You can view it by running cat res.yaml.

To delete the policyreport, you can use:

kubectl delete policyreports -n [namespace-name] [policy-report-name]

In our example, namespace-name is multiubuntu and policy-report-name is kubearmor-policy-report.

About

This KubeArmor Policy Report adapter converts output received from KubeArmor and produces a policy report based on the Policy Report Custom Resource Definition.

Topics

kubernetes kubectl kubernetes-monitoring kubearmor

Resources

Readme
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages