Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Kubernetes Admission Controller #13

Open
ogarrett opened this issue Jul 5, 2022 · 0 comments
Open

Kubernetes Admission Controller #13

ogarrett opened this issue Jul 5, 2022 · 0 comments
Labels
enhancement New feature or request help wanted Extra attention is needed

Comments

@ogarrett
Copy link
Contributor

ogarrett commented Jul 5, 2022

Use Case: I would like to protect my Kubernetes cluster by preventing the deployment of containers that appear to contain malware.

Requirement: a "validating" Kubernetes admission controller that executes IOCScanner against workloads and prevents the deployment of workloads that appear to contain malware.

Documentation requirements:

  • HOWTO documentation
  • Explanation of logging in success and failure cases, to assist troubleshooting
  • Worked example, using a false-positive known-bad container that fails the IOCScan checks
  • HOWTO configure Admission Controller to skip tests for certain containers ("in emergency, break glass"), for example, not blocking deployment of containers with certain labels.
@ogarrett ogarrett added enhancement New feature or request help wanted Extra attention is needed labels Jul 5, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ogarrett