rbac-lookup
ksniff
rbac-lookup | ksniff | |
---|---|---|
3 | 9 | |
838 | 3,048 | |
1.2% | - | |
3.7 | 0.0 | |
9 days ago | 6 days ago | |
Go | Go | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
rbac-lookup
-
Is there a way to see exactly what permissions the built-in group "system:readonly" has?
try using a tool such as rbac-lookup to find roles attached to a principal name https://github.com/FairwindsOps/rbac-lookup
-
Kubernetes Hardening Tutorial Part 3: Authn, Authz, Logging & Auditing
RBAC Lookup is a CLI that allows you to easily find Kubernetes roles and cluster roles bound to any user, service account, or group name. It helps to provide visibility into Kubernetes auth.
-
Making Kubernetes Operations Easy with kubectl Plugins
rbac-lookup - Similar to the first plugin we mentioned, this plugin also helps with RBAC in your cluster. This can be used to perform reverse lookup of roles, giving you a list of roles that user, service account or group has assigned. For example, to find roles bound to service account named my-sa you use the following - kubectl rbac-lookup my-sa --kind serviceaccount --output wide.
ksniff
-
unknown field "capabilities" in io.k8s.api.core.v1.PodSecurityContext (running tshark in a container/k8s pod)
so probably the right way is to use some tool like that (ksniff) or setup a sidecar container. But I am still curious to why I get the above error.
-
Running tcpdump on eks worker nodes
I've used https://github.com/eldadru/ksniff with success. Recently on this sub Kubeshark was also mentioned.
-
Getting started with kubectl plugins
Link to GitHub Repository
-
Kubeshark PCAP Export
There also is https://github.com/eldadru/ksniff which starts wireshart GUI
-
Tool for debugging a node: process list, tcpdump, etc
I have used Ksniff as a kubectl plugin that act as a "Wireshark tool" for containers https://github.com/eldadru/ksniff
-
How can I see mTLS traffic in a K8s cluster that also uses Istio?
I've found ksniff useful for monitoring Kubernetes traffic with wireshark: https://github.com/eldadru/ksniff
-
Viewing / troubleshooting at the network level
KSniff https://github.com/eldadru/ksniff lets you do full packet capture.
-
Making Kubernetes Operations Easy with kubectl Plugins
ksniff - known as sniff is a tool for debugging and capturing networking data. It's able to attach to a pod and using tcpdump to forward networking data to your local Wireshark. This tool also works pretty well with tshark - the command-line version of Wireshark.
-
Pod-to-pod network delays in AKS
Install ksniff - https://github.com/eldadru/ksniff#installation
What are some alternatives?
rbac-manager - A Kubernetes operator that simplifies the management of Role Bindings and Service Accounts.
kubecolor - colorizes kubectl output
k9s - 🐶 Kubernetes CLI To Manage Your Clusters In Style!
netshoot - a Docker + Kubernetes network trouble-shooting swiss-army container
kubectl-kubesec - Security risk analysis for Kubernetes resources
kubepug - Kubernetes PreUpGrade (Checker)
rakkess - Review Access - kubectl plugin to show an access matrix for k8s server resources
outdated - Kubectl plugin to find and report outdated images running in a Kubernetes cluster
kubectl-dig - Deep kubernetes visibility from the kubectl
kubectx - Faster way to switch between clusters and namespaces in kubectl
kubelogin - kubectl plugin for Kubernetes OpenID Connect authentication (kubectl oidc-login)