Skip to content

This KubeArmor Policy Report adapter converts output received from KubeArmor and produces a policy report based on the Policy Report Custom Resource Definition.

Notifications You must be signed in to change notification settings

haardikdharma10/kubearmor-adapter

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

35 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

kubearmor-adapter

This KubeArmor Policy Report adapter converts output received from KubeArmor and produces a policy report based on the Policy Report Custom Resource Definition.

Running

Pre-requisites:

  • Follow the Development Guide to install and run KubeArmor on your machine. Using a vagrant environment is highly recommended. Once you have KubeArmor up and running on your machine, you're ready to create and update policy reports.

Steps:

# 1. Clone the kubearmor-adapter GitHub repository
git clone https://github.com/haardikdharma10/kubearmor-adapter
# 2. cd into kubearmor-adapter directory
cd kubearmor-adapter
# 3. Create a CustomResourceDefinition
kubectl create -f crd/v1alpha2/wgpolicyk8s.io_policyreports.yaml
# 4. Run main.go program
go run main.go

Note: Make sure you have the KubeArmor service running in the background before you run this command. If not, you can cd into KubeArmor/KubeArmor and run make clean && make run.

# 5. Open a new terminal window and deploy the multiubuntu microservice.
cd KubeArmor/examples/multiubuntu
kubectl apply -f .
#6. Deploy a security policy for testing
cd KubeArmor/examples/multiubuntu/security-policies
kubectl -n multiubuntu apply -f ksp-group-1-proc-path-block.yaml
#7. Trigger a policy violation by running the following command
kubectl -n [namespace-name] exec -it [pod-name] -- bash -c "/bin/sleep 1"

Note: In this example, namespace-name is multiubuntu and you can get the pod name by running kubectl get pods -n multiubuntu. An example pod-name is ubuntu-1-deployment-5d6b975744-rrkhh.

Once this command is executed, you'll get the output as below in the terminal window where main.go is running:

image

If you can see the output as above, this means that your first policyreport is created. You can now stop running the main program.

Viewing reports

You can view the summary of the created policyreport by running the following command:

kubectl get policyreports -n multiubuntu

To view the policyreport in yaml format, you can use:

kubectl get policyreports -n multiubuntu -o yaml

To view the report in a separate yaml file you can use:

kubectl get policyreports -o yaml > res.yaml

A new file res.yaml will be created in the kubearmor-adapter directory. You can view it by running cat res.yaml.

To delete the policyreport, you can use:

kubectl delete policyreports -n [namespace-name] [policy-report-name]

In our example, namespace-name is multiubuntu and policy-report-name is kubearmor-policy-report.

About

This KubeArmor Policy Report adapter converts output received from KubeArmor and produces a policy report based on the Policy Report Custom Resource Definition.

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages