
A tool for auditing Kubernetes clusters for misconfigurations, security issues, and best practices.

KubeSleuth

KubeSleuth is a simple tool for auditing your Kubernetes clusters. It scans your cluster configuration for misconfigurations, security issues, deviations from best practices, and resource allocations, and produces detailed reports to help you maintain a healthy and secure environment.

It's still in early development, so expect some rough edges.

How to Use

  1. Clone the repository:

    git clone https://github.com/yourusername/kubesleuth.git
    cd kubesleuth
    
  2. Install dependencies:

    pip install -r requirements.txt
    
  3. Run KubeSleuth:

    python3 kubesleuth.py --output markdown
    
  4. Optional arguments:

    • --kubeconfig: Path to the kubeconfig file (default: $HOME/.kube/config)
    • --context: Kubernetes context to use

    Example:

    python3 kubesleuth.py --output json --kubeconfig /path/to/kubeconfig --context my-context
    

Overview

KubeSleuth is designed to help you maintain a secure and well-configured Kubernetes cluster. It performs a variety of checks on your cluster, including:

  • RBAC (Role-Based Access Control): Ensures role bindings are secure and correctly configured.
  • Authentication: Checks for basic authentication and password policies.
  • Custom Roles: Identifies and reviews custom roles and cluster roles.
  • Network Policies: Ensures network policies are defined and enforced.
  • Namespace Isolation: Checks if resources are properly isolated by namespaces.
  • Privileged Containers: Detects containers running with privileged access.

By running KubeSleuth, you can quickly identify potential issues and areas for improvement in your cluster's configuration.

Installation

To install KubeSleuth, follow these steps:

  1. Clone the repository:

    git clone https://github.com/thevanguardian/kubesleuth.git
    cd kubesleuth
    
  2. Install dependencies:

    pip install -r requirements.txt
    

Features

  • RBAC Audit: Identifies insecure role bindings and missing subjects.
  • Authentication Checks: Verifies if basic authentication is enabled.
  • Custom Roles Review: Lists and reviews custom roles and cluster roles.
  • Network Policies Audit: Ensures network policies are present and enforced.
  • Namespace Isolation Checks: Detects resources placed in the default namespace.
  • Privileged Containers Detection: Finds containers running with privileged access.
  • Flexible Configuration: Supports custom kubeconfig files and contexts.
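
The following added example (not KubeSleuth's own code) shows how the namespace isolation and privileged container checks listed above can be expressed over pod objects shaped like the Kubernetes API's JSON. The function names, the finding format and the sample pods are assumptions constructed for this illustration.

```python
# Added example: not KubeSleuth's code. Audits pod objects given as plain
# dicts (the shape the Kubernetes API returns), so it runs without a cluster.

# Privileged mode can be set on any of these container lists, not just
# spec.containers, so all three are inspected.
CONTAINER_FIELDS = ("containers", "initContainers", "ephemeralContainers")


def audit_pod(pod):
    """Return a list of finding dicts for one pod object."""
    meta = pod.get("metadata", {})
    name = meta.get("name", "<unnamed>")
    # Assumption: a manifest without a namespace lands in "default".
    namespace = meta.get("namespace") or "default"
    findings = []
    if namespace == "default":
        findings.append({"pod": name, "check": "namespace-isolation",
                         "detail": "pod is in the default namespace"})
    spec = pod.get("spec", {})
    for field in CONTAINER_FIELDS:
        for c in spec.get(field) or []:
            sc = c.get("securityContext") or {}
            # Only an explicit boolean true grants privileged mode.
            if sc.get("privileged") is True:
                findings.append({"pod": name, "check": "privileged-container",
                                 "detail": f"{field}/{c.get('name')} is privileged"})
    return findings


def audit_pods(pods):
    """Audit a list of pods and return all findings in input order."""
    return [f for pod in pods for f in audit_pod(pod)]


# Constructed sample input (not taken from a real cluster).
SAMPLE_PODS = [
    {"metadata": {"name": "web", "namespace": "prod"},
     "spec": {"containers": [{"name": "nginx",
                              "securityContext": {"privileged": False}}]}},
    {"metadata": {"name": "node-agent", "namespace": "kube-system"},
     "spec": {"initContainers": [{"name": "setup",
                                  "securityContext": {"privileged": True}}],
              "containers": [{"name": "agent"}]}},
    {"metadata": {"name": "scratch"},
     "spec": {"containers": [{"name": "sh",
                              "securityContext": {"privileged": True}}]}},
]

if __name__ == "__main__":
    for finding in audit_pods(SAMPLE_PODS):
        print(f"[{finding['check']}] {finding['pod']}: {finding['detail']}")
```
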

Configuration

KubeSleuth can be configured using command-line arguments:

  • --kubeconfig: Path to the kubeconfig file (default: $HOME/.kube/config)
  • --context: Kubernetes context to use
  • --output: Output format (json or markdown)

Example:

    python3 kubesleuth.py --output markdown --kubeconfig /path/to/kubeconfig --context my-context

Contributing

Contributions are welcome! If you have suggestions for improvements or new features, please create an issue or submit a pull request.

  1. Fork the repository
  2. Create your feature branch (git checkout -b feature/your-feature)
  3. Commit your changes (git commit -m 'Add your feature')
  4. Push to the branch (git push origin feature/your-feature)
  5. Open a pull request

License

This project is licensed under the GNU General Public License v3 (GPLv3).


Source Distribution

kubesleuth-0.1.1.tar.gz (21.2 kB)

Built Distribution

kubesleuth-0.1.1-py3-none-any.whl (25.7 kB)
