k8s-ecr-login-renew
kubeaudit
k8s-ecr-login-renew | kubeaudit | |
---|---|---|
4 | 7 | |
195 | 1,845 | |
- | 0.9% | |
3.8 | 3.8 | |
16 days ago | 13 days ago | |
Go | Go | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
k8s-ecr-login-renew
-
EKS needing an updated refresh token with ECR
I've done some googling and found some solutions like this https://github.com/nabsul/k8s-ecr-login-renew which seems to indicate that others have had the same issue.
- Interesting tools?
-
Replacing YAML with TypeScript
As for challenges I foresee: In this example, the applications are defined generically such that you could use them even if you wanted to skip Kubernetes altogether. However, I have two Kubernetes-specific applications that I run in the cluster: KCert and ecr-login-renewal. These applications require special Kubernetes configurations around service accounts and permissions. I'm not yet sure how to cleanly encode those.
- Image pull secret controller for AWS ECR
kubeaudit
- Looking for Tips on Open Sourcing a kubernetes security tool
-
Interesting tools?
kubeaudit: audit kubernetes or specific manifests for issues https://github.com/shopify/kubeaudit
- kubeaudit
-
Top 6 Kubernetes Security Tools
Here's a link to KubeAudit on Github
-
Introduction to Kubernetes Pentesting
kubeaudit - Audit Kubernetes clusters against common security concerns
-
Kubernetes Security Checklist 2021
Workload configuration should be audited regularly (Kics, Kubeaudit, Kubescape, Conftest, Kubesec, Checkov)
-
2 Widespread Attacks on Your Containerized Environment and 7 Rules to Prevent it.
Kubeaudit
What are some alternatives?
k8s-yaml-alternative - An alternative to yaml files for Kubernetes
kubescape - Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
aws-ecr-image-pull-secret-controller - Custom controller for Kubernetes which automatically renews image pull secrets for AWS ECR
kube-bench - Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
Flux - Successor: https://github.com/fluxcd/flux2
kubesec - Security risk analysis for Kubernetes resources
awesome-k8s-resources - A curated list of awesome Kubernetes tools and resources.
trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
rook - Storage Orchestration for Kubernetes
kube-hunter - Hunt for security weaknesses in Kubernetes clusters
kcert - KCert: A Simple Let's Encrypt Manager for Kubernetes
polaris - Shopify’s design system to help us work together to build a great experience for all of our merchants.