1
0
Fork 0
mirror of https://github.com/tldr-pages/tldr.git synced 2025-07-05 09:55:24 +02:00
tldr/pages/common/prowler-kubernetes.md
nara071101 bedef71116
prowler, prowler-{aws,azure,gcp,kubernetes,m365,github}: add pages (#16870)
Co-authored-by: Sebastiaan Speck <12570668+sebastiaanspeck@users.noreply.github.com>
2025-06-19 20:37:06 +03:00

1 KiB

prowler kubernetes

Assess Kubernetes cluster security best practices and configurations. See also: prowler, prowler-aws, prowler-azure, prowler-gcp, prowler-m365, prowler-github. More information: https://docs.prowler.com/projects/prowler-open-source/en/latest/.

  • Run the default checks using the default kubeconfig location:

prowler kubernetes

  • Specify a custom kubeconfig file for scanning:

prowler kubernetes --kubeconfig-file {{path/to/kubeconfig}}

  • Specify a specific Kubernetes context to scan:

prowler kubernetes --context {{my-context}}

  • Scan specific namespaces only:

prowler kubernetes --namespaces {{default}} {{kube-system}}

  • Run checks for selected Kubernetes services:

prowler kubernetes {{[-s|--services]}} {{ietcd apiserver ...}}

  • Run a specific Kubernetes check:

prowler kubernetes {{[-c|--checks]}} {{etcd_encryption}}

  • Exclude specific checks or services:

prowler kubernetes {{[-e|--excluded-checks]}} {{etcd_encryption}} --exclude-services {{ietcd apiserver ...}}