Kube-bench and Popeye: A Power Duo for AKS Security Compliance

This page summarizes the projects mentioned and recommended in the original post on dev.to

Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
  • kube-bench

    Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark

    The official repository can be found here with detailed installation instructions.

  • minikube

    Run Kubernetes locally

    > minikube start 😄 minikube v1.22.0 on Darwin 12.6.2 ✨ Using the hyperkit driver based on existing profile 👍 Starting control plane node minikube in cluster minikube 🏃 Updating the running hyperkit "minikube" VM ... 🎉 minikube 1.28.0 is available! Download it: https://github.com/kubernetes/minikube/releases/tag/v1.28.0 💡 To disable this notice, run: 'minikube config set WantUpdateNotification false' 🐳 Preparing Kubernetes v1.21.2 on Docker 20.10.6 ... 🔎 Verifying Kubernetes components... ▪ Using image gcr.io/k8s-minikube/storage-provisioner:v5 🌟 Enabled addons: storage-provisioner, default-storageclass ❗ /usr/local/bin/kubectl is version 1.25.2, which may have incompatibilites with Kubernetes 1.21.2. ▪ Want kubectl v1.21.2? Try 'minikube kubectl -- get pods -A' 🏄 Done! kubectl is now configured to use "minikube" cluster and "default" namespace by default # Download the job.yaml file > curl https://raw.githubusercontent.com/aquasecurity/kube-bench/main/job.yaml > job.yaml > kubectl apply -f job.yaml job.batch/kube-bench created > kubectl get pods -A  ✔  at minikube ⎈ NAMESPACE NAME READY STATUS RESTARTS AGE default kube-bench-t2fgh 0/1 ContainerCreating 0 5s > kubectl get pods -A  ✔  at minikube ⎈ NAMESPACE NAME READY STATUS RESTARTS AGE default kube-bench-t2fgh 0/1 Completed 0 32s

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  • popeye

    👀 A Kubernetes cluster resource sanitizer

    The repository for the tool can be found here.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts