aquasecurity / kube-hunter

Hunt for security weaknesses in Kubernetes clusters
Apache License 2.0
4.7k stars 581 forks

Azure AzureSpnHunter is not working as expected #370

Closed itaysk closed 3 years ago

itaysk commented 3 years ago

Azure AzureSpnHunter is not finding pods with access to /etc/kubernetes/azure.json. The code had a couple of issues:

  1. It checks the container mountPath, which only says how the container sees the mount, not what is being mounted.
  2. It doesn't check the volume type. Only hostPath volumes should be considered.

I have a PR to fix that.
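
The two points in the issue, as an added audit example (not kube-hunter's code and not the fix from the PR): each volumeMount is resolved to its volume, only hostPath volumes count, and the decision is made on the host path being mounted rather than on mountPath. The function name, pod names and sample specs are constructed for illustration; the handling of subPath and of parent-directory mounts goes beyond what the issue states.

```python
import posixpath

AZURE_JSON = "/etc/kubernetes/azure.json"  # file named in the issue

def _norm(path):
    return posixpath.normpath("/" + path.strip("/"))

def exposed_azure_json(pod):
    """Return [(container, path_in_container)] for containers that reach
    AZURE_JSON through a hostPath volume."""
    spec = pod.get("spec", {})
    # Point 2: only hostPath volumes expose node files; ignore other types.
    host_paths = {v["name"]: _norm(v["hostPath"]["path"])
                  for v in spec.get("volumes", []) if v.get("hostPath")}
    findings = []
    for c in spec.get("initContainers", []) + spec.get("containers", []):
        for m in c.get("volumeMounts", []):
            if m["name"] not in host_paths:
                continue
            # Point 1: judge what is mounted (host path + subPath), not mountPath.
            source = _norm(posixpath.join(host_paths[m["name"]], m.get("subPath", "")))
            if source == AZURE_JSON:
                findings.append((c["name"], m["mountPath"]))
            elif source == "/" or AZURE_JSON.startswith(source + "/"):
                rel = posixpath.relpath(AZURE_JSON, source)
                findings.append((c["name"], posixpath.join(m["mountPath"], rel)))
    return findings

# Constructed pod specs (hypothetical names), shaped like Kubernetes API JSON.
POD_EMPTYDIR = {"spec": {  # mountPath looks suspicious, but nothing from the node
    "volumes": [{"name": "scratch", "emptyDir": {}}],
    "containers": [{"name": "app", "volumeMounts": [
        {"name": "scratch", "mountPath": "/etc/kubernetes"}]}]}}
POD_HOSTPATH = {"spec": {  # innocuous mountPath, but the node directory is mounted
    "volumes": [{"name": "k8s", "hostPath": {"path": "/etc/kubernetes/"}}],
    "containers": [{"name": "agent", "volumeMounts": [
        {"name": "k8s", "mountPath": "/host-k8s", "readOnly": True}]}]}}

if __name__ == "__main__":
    for label, pod in (("emptyDir", POD_EMPTYDIR), ("hostPath", POD_HOSTPATH)):
        print(label, exposed_azure_json(pod))
```

A check keyed on mountPath alone would flag the first pod and miss the second; resolving the mount to its volume reverses both results.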