kube-bench

Palette executes kube-bench, a CIS Benchmark scanner by Aqua Security, for every Kubernetes pack to verify that the master and worker nodes are configured securely. It is available as an Add-on layer within Palette.

kube-bench runs a series of checks that are specified in a controls YAML file. For more information on how to write tests and config files, refer to the controls section.
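To show what such a controls file looks like, here is an added example; it is not taken from Palette or from the kube-bench repository. The ids, version string, text and remediation wording are constructed for illustration; the layout (groups, checks, audit, tests, test_items, remediation, scored) follows the kube-bench controls format.

```yaml
---
# Constructed example: ids, version, text and remediation wording are
# illustrative, not copied from a published CIS benchmark file.
controls:
version: "custom-example"
id: 99
text: "Example control plane checks"
type: "master"
groups:
  - id: 99.1
    text: "API server"
    checks:
      - id: 99.1.1
        text: "Ensure that --anonymous-auth is set to false"
        # audit: command whose output the test_items are matched against
        audit: "/bin/ps -ef | grep kube-apiserver | grep -v grep"
        tests:
          test_items:
            - flag: "--anonymous-auth"
              compare:
                op: eq
                value: false
        # remediation: text printed in the report when the check fails
        remediation: |
          Edit the API server pod specification file on the control plane
          node and set --anonymous-auth=false.
        scored: true

      - id: 99.1.2
        text: "Ensure that --authorization-mode includes Node and RBAC"
        audit: "/bin/ps -ef | grep kube-apiserver | grep -v grep"
        tests:
          # bin_op combines test_items; "and" requires every item to pass
          bin_op: and
          test_items:
            - flag: "--authorization-mode"
              compare:
                op: has
                value: "Node"
            - flag: "--authorization-mode"
              compare:
                op: has
                value: "RBAC"
        remediation: |
          Set --authorization-mode to a value that includes Node and RBAC.
        scored: true
```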

Versions Supported

References

https://github.com/aquasecurity/kube-bench/blob/main/docs/running.md#running-kube-bench