Opens profile photo
Follow
Kubesploit — @kubesploit@mastodon.social
@kubesploit
News and links on Kubernetes security curated by the team
Kubernetes news in your inbox→learnk8s.io/learn-kubernet…Joined March 2021

Kubesploit — @kubesploit@mastodon.social’s Tweets

With Kubernetes v1.24, non-expiring service account tokens are no longer auto-generated This blog post highlights what this means in practice, and what to do if you rely on non-expiring service account tokens ➤
51
Kubeconform is a Kubernetes manifests validation tool Similar to Kubeval, but with the following improvements: ➀ High performance ➁ Remote or local schemas locations ➂ Up-to-date schemas for all recent versions of Kubernetes ➤
36
In this tutorial, you'll learn how to create a python program that uses IAM for Service Account to search for secrets in Secrets Manager and store them in a volume The script can be used as an init container to inject secrets into any pod ➤
1
68
kubeaudit is a command line tool and a Go package to audit Kubernetes clusters for various different security concerns, such as: - Run as non-root - Use a read-only root filesystem - Drop scary capabilities, don't add new ones - Don't run privileged ➜
1
45