Benchmark Kubernetes clusters against CIS controls with kube-bench
Run CIS benchmark checks against cluster nodes and control planes when an agent needs a narrow Kubernetes hardening audit, not a general platform listing.
What it does
Run CIS benchmark checks against cluster nodes and control planes when an agent needs a narrow Kubernetes hardening audit, not a general platform listing.
Prerequisites
kube-bench binary or container image, access to target Kubernetes nodes or cluster context
Installation
Requirements and caveats from upstream:
Basic usage or getting-started notes:
- There are multiple ways to run kube-bench.
- You can run kube-bench inside a pod, but it will need access to the host's PID namespace in order to check the running processes, as well as access to some directories on the host where config files and other files ar...
- The supplied job.yaml file can be applied to run the tests as a job. For example:
Extracted from upstream docs: https://raw.githubusercontent.com/aquasecurity/kube-bench/HEAD/README.md
Quality
deterministic score 0.45 from registry signals: indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,390 chars)