nirmata / kyverno-aws-adapter

An adapter for Amazon EKS to use with Kyverno for making policy decisions
Apache License 2.0

Gaps to close #42

Closed chipzoller closed 1 year ago

chipzoller commented 1 year ago

5 identified gaps to close based upon inspection of the checks implemented by https://github.com/aws-samples/hardeneks

  1. Ensure workers are deployed to private subnets
     a. Example payload here
     b. Example code
  2. Run Amazon Inspector
     a. Example payload here
     b. Example code
  3. Check VPC Flow Logs
     a. Example payload here
     b. Example code
     c. Need to do a second call to EC2 API to get VPC Flow Log information
  4. Check access to instance profile
     a. Example payload here
     b. Example code
  5. Use immutable tags with ECR
     a. Example payload here
     b. Example code
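
The two-call shape of item 3, as an added example that is not part of the issue or of the adapter's code: it joins a constructed EKS DescribeCluster response with a constructed EC2 DescribeFlowLogs response and reports the active flow logs on the cluster's VPC. The helper name `activeVPCFlowLogs` and all sample IDs are assumptions.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Constructed sample responses, trimmed to the fields this check reads.
const sampleCluster = `{"cluster":{"name":"demo","resourcesVpcConfig":{"vpcId":"vpc-0aaa"}}}`
const sampleFlowLogs = `{"FlowLogs":[
 {"FlowLogId":"fl-1","ResourceId":"vpc-0bbb","FlowLogStatus":"ACTIVE"},
 {"FlowLogId":"fl-2","ResourceId":"subnet-01","FlowLogStatus":"ACTIVE"},
 {"FlowLogId":"fl-3","ResourceId":"vpc-0aaa","FlowLogStatus":"ACTIVE"}]}`

type clusterResp struct {
	Cluster struct {
		ResourcesVpcConfig struct{ VpcID string `json:"vpcId"` } `json:"resourcesVpcConfig"`
	} `json:"cluster"`
}
type flowLogsResp struct {
	FlowLogs []struct{ FlowLogId, ResourceId, FlowLogStatus string }
}

// activeVPCFlowLogs (hypothetical helper) reads the cluster's VPC ID from the first
// response, then keeps only ACTIVE flow logs whose resource is that VPC. A flow log
// on another VPC, or only on one subnet, does not count as covering the cluster VPC.
func activeVPCFlowLogs(clusterJSON, flowLogsJSON string) (string, []string, error) {
	var c clusterResp
	if err := json.Unmarshal([]byte(clusterJSON), &c); err != nil {
		return "", nil, err
	}
	vpc := c.Cluster.ResourcesVpcConfig.VpcID
	if vpc == "" {
		return "", nil, fmt.Errorf("cluster response carries no vpcId")
	}
	var f flowLogsResp
	if err := json.Unmarshal([]byte(flowLogsJSON), &f); err != nil {
		return vpc, nil, err
	}
	var ids []string
	for _, fl := range f.FlowLogs {
		if fl.ResourceId == vpc && fl.FlowLogStatus == "ACTIVE" {
			ids = append(ids, fl.FlowLogId)
		}
	}
	return vpc, ids, nil
}

func main() {
	fmt.Println(activeVPCFlowLogs(sampleCluster, sampleFlowLogs))
}
```

An empty ID list with a nil error is the finding: the cluster's VPC has no active flow log.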