🔒 awesome-kubernetes-security

A curated list of awesome Kubernetes security resources. Can you dig it?

Open Source Projects

• audit2rbac - Autogenerate RBAC policies based on Kubernetes audit logs
• falco - Container Native Runtime Security
• kiam - Integrate AWS IAM with Kubernetes
• kube-bench - Check whether Kubernetes is deployed according to security best practics
• kube-hunter - Hunt for security weaknesses in Kubernetes clusters
• kube-psp-advisor - Help building an adaptive and fine-grained pod security policy
• kube-scan - k8s cluster risk assessment tool
• kube2iam - Provide different AWS IAM roles for pods running on Kubernetes
• kubeaudit - Audit your Kubernetes clusters against common security controls
• kubectl-bindrole - Find Kubernetes roles bound to a specified ServiceAccount, Group or User
• kubectl-dig - Deep Kubernetes visibility from the kubectl
• kubectl-kubesec - Scan Kubernetes pods, deployments, daemonsets and statefulsets with kubesec.io
• kubectl-who-can - Show who has permissions to <verb> <resource> in Kubernetes
• kyverno - Kubernetes Native Policy Management
• rakkess - Review access matrix for Kubernetes server resources
• rback - RBAC in Kubernetes visualizer
• trivy - A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI
• kubernetes-rbac-audit - Tool for auditing RBACs in Kubernetes

General Resources

• Kubernetes Security and Disclosure Information
• Kubernetes Security
• GKE Security Bulletins

Twitter Accounts

• Ann N Wallace
• Annabelle Bertucio
• Brad Geessaman
• Duffie Cooley
• Erik St. Martin
• Greg Castle
• Ian Coldwater
• Jimmy Mesta
• Jordan Liggitt
• learnk8s
• Liz Rice
• Mark Manning
• Maya Kaczorowski
• Michael Ducy
• Michael Hausenblas
• Peter Benjamin
• Rory McCune
• Tabitha Sable
• Tim Allclair
• Timothy St. Clair