defenseunicorns / lula

The Compliance Validator
Apache License 2.0
137 stars 23 forks

Runtime vs "compile" time #12

Closed andrewg-xyz closed 2 years ago

andrewg-xyz commented 2 years ago

Kubernetes is largely declarative, might there be a way to run the auditor against manifests before they are applied to the cluster to inform the security posture?

brandtkeller commented 2 years ago

Yes! The current proof-of-concept will be targeting a live environment. With one of the proposed architectures for Kubernetes compliance, providing manifests as the target is feasible. Labeling with post-POC to track extended functionality to support

brandtkeller commented 2 years ago

This has been initially implemented in #25

brandtkeller commented 2 years ago

The readme documents the --resource or -r flag, which ingests many resource manifests and performs validation against those, given a supplied OSCAL component file.

Closing.