Kube-score

Definition

kube-score is a tool that performs static analysis of Kubernetes manifests to identify potential issues and enforce best practices. It evaluates the YAML definitions of Kubernetes resources and reports on aspects such as security, reliability, and efficiency (for example, containers that may run as root, writable root filesystems, unpinned image tags, or missing resource limits). Because it runs against configuration files rather than a live cluster, kube-score can be used in code review and CI to improve the quality and security posture of Kubernetes deployments before they are applied.

Secure Settings Example

apiVersion: apps/v1
kind: Deployment
metadata:
  name: secure-deployment
spec:
  selector:                       # required for apps/v1 Deployments
    matchLabels:
      app: secure-deployment
  template:
    metadata:
      labels:
        app: secure-deployment    # must match spec.selector
    spec:
      containers:
      - name: secure-container
        image: example/image:1.2.3   # pinned example tag; kube-score flags :latest
        securityContext:
          runAsNonRoot: true           # container must not run as UID 0
          readOnlyRootFilesystem: true # writes only to explicit volumes
          capabilities:
            drop:
            - ALL                      # start from no Linux capabilities

Insecure Settings Example

apiVersion: apps/v1
kind: Deployment
metadata:
  name: insecure-deployment
spec:
  selector:                       # required for apps/v1 Deployments
    matchLabels:
      app: insecure-deployment
  template:
    metadata:
      labels:
        app: insecure-deployment  # must match spec.selector
    spec:
      containers:
      - name: insecure-container
        image: example/image:latest      # flagged: mutable :latest tag
        securityContext:
          runAsNonRoot: false            # flagged: container may run as root
          readOnlyRootFilesystem: false  # flagged: root filesystem is writable
          capabilities:
            add:
            - NET_ADMIN                  # flagged: extra capability, nothing dropped
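To show concretely what a static check over these two manifests looks for, here is an added illustration (not kube-score's own code, and the rule names are this script's own, not kube-score check identifiers). The two Deployments are embedded as dict literals, the parsed form of the YAML above with the secure image pinned to a constructed tag, so the script runs without a YAML library.

```python
# Added illustration, not kube-score's own code: a minimal static check that
# reproduces the kind of findings kube-score reports for the securityContext
# fields shown above. Rule names are this script's own, not kube-score check IDs.

# Constructed inline as dict literals (the parsed form of the two Deployments
# above, secure image pinned to a tag) so no YAML library is needed.
SECURE = {"spec": {"template": {"spec": {"containers": [{
    "name": "secure-container", "image": "example/image:1.2.3",
    "securityContext": {"runAsNonRoot": True, "readOnlyRootFilesystem": True,
                        "capabilities": {"drop": ["ALL"]}}}]}}}}
INSECURE = {"spec": {"template": {"spec": {"containers": [{
    "name": "insecure-container", "image": "example/image:latest",
    "securityContext": {"runAsNonRoot": False, "readOnlyRootFilesystem": False,
                        "capabilities": {"add": ["NET_ADMIN"]}}}]}}}}

RISKY_CAPS = {"ALL", "NET_ADMIN", "SYS_ADMIN", "SYS_PTRACE", "NET_RAW"}

def check_container(container, pod_sc):
    """Return (rule, message) findings for one container spec."""
    name = container.get("name", "<unnamed>")
    sc = container.get("securityContext") or {}
    findings = []
    # runAsNonRoot is inherited from the pod securityContext unless the
    # container overrides it; the remaining fields are container-only.
    if sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot")) is not True:
        findings.append(("run-as-non-root", f"{name}: runAsNonRoot is not true"))
    if sc.get("readOnlyRootFilesystem") is not True:
        findings.append(("read-only-root-fs", f"{name}: root filesystem is writable"))
    caps = sc.get("capabilities") or {}
    if "ALL" not in (caps.get("drop") or []):
        findings.append(("drop-all-capabilities", f"{name}: does not drop ALL"))
    for cap in sorted(set(caps.get("add") or []) & RISKY_CAPS):
        findings.append(("risky-capability", f"{name}: adds {cap}"))
    image = container.get("image", "")
    if ":" not in image.rsplit("/", 1)[-1] or image.endswith(":latest"):
        findings.append(("image-tag", f"{name}: image tag missing or :latest"))
    return findings

def score_deployment(manifest):
    """Run the container checks over every container of a Deployment's pod."""
    pod = manifest["spec"]["template"]["spec"]
    pod_sc = pod.get("securityContext") or {}
    containers = pod.get("containers", []) + pod.get("initContainers", [])
    return [f for c in containers for f in check_container(c, pod_sc)]

if __name__ == "__main__":
    for label, manifest in (("secure", SECURE), ("insecure", INSECURE)):
        print(f"{label}: {score_deployment(manifest) or 'no findings'}")
```

The secure manifest produces no findings, while the insecure one is reported once per weakened field, which is the same pass/fail shape a CI job would gate on.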