Hello,
I am working with a Kubernetes cluster that has multiple namespaces, each running several applications. These applications are deployed across various pods, and network policies are implemented for access control, as well as ingress and egress traffic management.
I would like to know if bom currently supports or has plans to support the generation of a Kubernetes SBOM (KBOM) that includes the following details:
Namespace Information: Detailed breakdown of applications running within each namespace.
Pod and Service Information: Information about pods and services, including the container images being used, their versions, and any relevant metadata.
Network Policies: Details of network policies applied within the namespaces for controlling ingress and egress traffic.
Configuration Files: Ability to capture and include Kubernetes configuration files (YAML/JSON) within the SBOM.
Dependency Analysis: Analysis of dependencies across the cluster, considering inter-pod communication and external dependencies.
Security Context: Details regarding the security contexts defined for each pod, including policies, roles, and any enforced security mechanisms.
Additionally, I would like to know if bom can generate a comprehensive in-toto provenance attestation for the entire Kubernetes environment, encompassing all these elements.
If these features are not currently available, is there a roadmap or ongoing work to incorporate them? Any guidance on how to achieve this with the current capabilities of bom or potential workarounds would be greatly appreciated.
Thank you for your time and consideration.
Hello, I am working with a Kubernetes cluster that has multiple namespaces, each running several applications. These applications are deployed across various pods, and network policies are implemented for access control, as well as ingress and egress traffic management. I would like to know if bom currently supports or has plans to support the generation of a Kubernetes SBOM (KBOM) that includes the following details: