aws-samples / hardeneks

Runs checks to see if an EKS cluster follows EKS Best Practices.
https://aws-samples.github.io/hardeneks/
MIT No Attribution

JSON output option #17

Closed dorukozturk closed 1 year ago

kuettai commented 1 year ago

@dorukozturk, herewith the proposed JSON output that will help:

```json
{
  "cluster_wide": {
    "security": {
      "iam": {
        "disable_anonymous_access_for_cluster_roles": ["RESOURCE#1", "RESOURCE#3"]
      },
      "multi_tenancy": {
        "ensure_namespace_quotas_exist": ["RESOURCE#4"]
      }
    },
    "reliability": {
      "applications": {
        "check_metrics_server_is_running": ["RESOURCE#1", "RESOURCE#2"],
        "check_vertical_pod_autoscaler_exists": ["RESOURCE#3"]
      }
    }
  },
  "namespace_based": {
    "pod_security": {
      "disallow_container_socket_mount": ["RESOURCE#4", "RESOURCE#2", "RESOURCE#1"],
      "set_requests_limits_for_containers": ["RESOURCE#5"]
    }
  }
}
```
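An added example, not part of the thread and not hardeneks code: a consumer for the JSON shape proposed above that flattens it into one row per failing resource, handling the fact that `cluster_wide` nests rules one level deeper than `namespace_based`. The function names and row fields (`scope`, `category`, `rule`, `resource`) are assumptions, and the shape is the proposal in this comment, which may differ from what the tool actually emits.

```python
import json

# Sample copied from the proposal in this issue; "RESOURCE#n" are its placeholders.
SAMPLE = json.loads("""
{"cluster_wide": {
   "security": {"iam": {"disable_anonymous_access_for_cluster_roles": ["RESOURCE#1", "RESOURCE#3"]},
                "multi_tenancy": {"ensure_namespace_quotas_exist": ["RESOURCE#4"]}},
   "reliability": {"applications": {"check_metrics_server_is_running": ["RESOURCE#1", "RESOURCE#2"],
                                    "check_vertical_pod_autoscaler_exists": ["RESOURCE#3"]}}},
 "namespace_based": {
   "pod_security": {"disallow_container_socket_mount": ["RESOURCE#4", "RESOURCE#2", "RESOURCE#1"],
                    "set_requests_limits_for_containers": ["RESOURCE#5"]}}}
""")


def flatten_findings(report):
    """Return one row per (rule, resource); tolerates any nesting depth above the rule."""
    rows = []

    def walk(node, path):
        if isinstance(node, dict):
            for key, child in node.items():
                walk(child, path + [key])
        elif isinstance(node, list) and len(path) >= 2:
            # First key is the scope, last key is the rule, anything between is grouping.
            scope, *groups, rule = path
            for resource in node:
                if not isinstance(resource, str):
                    raise ValueError(f"non-string resource under {'/'.join(path)}")
                rows.append({"scope": scope, "category": "/".join(groups),
                             "rule": rule, "resource": resource})
        else:
            # Scalars, or a list with no rule name above it, do not fit the proposed shape.
            raise ValueError(f"unexpected value at {'/'.join(path) or '<root>'}")

    walk(report, [])
    return rows


def failures_per_rule(rows):
    """Count failing resources per rule, most-failing first (ties by rule name)."""
    counts = {}
    for row in rows:
        counts[row["rule"]] = counts.get(row["rule"], 0) + 1
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))


if __name__ == "__main__":
    for row in flatten_findings(SAMPLE):
        print("{scope}\t{category}\t{rule}\t{resource}".format(**row))
```

The flat rows map directly onto a CSV export or one ticket per row, and the `ValueError` paths make a change in the report shape fail loudly instead of silently dropping findings.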

kuettai commented 1 year ago

Do we have an estimated timeline for when this will be delivered? @dorukozturk

dorukozturk commented 1 year ago

@kuettai Realistically, early March I can deliver this. Even though it is relatively simple, I am planning to refactor the code a little and will try to integrate this feature as part of that big refactor.

mission-coliveros commented 1 year ago

I'd also be interested in this. Would simplify the process of introducing failed checks to a board.

dorukozturk commented 1 year ago

@mission-coliveros This PR implements it (https://github.com/aws-samples/hardeneks/pull/21). It is getting reviewed and will be merged soon. After that I will release the new version and close this issue. Thanks for trying :)