Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Framework support for GKE #567

Open
AdonisOkpidi opened this issue Dec 12, 2024 · 4 comments
Open

Add Framework support for GKE #567

AdonisOkpidi opened this issue Dec 12, 2024 · 4 comments
Assignees
@slashben
Labels
enhancement New feature or request

Comments

@AdonisOkpidi
Copy link

AdonisOkpidi commented Dec 12, 2024
edited
Loading

Overview

Our project requires installing Kubescape in both GKE and AKS. However, there is currently no dedicated GKE framework available in Kubescape.

Problem

To meet the project requirements, I am planning on creating a privileged pod to use alongside the CIS v1.23 and AllControls Kubescape frameworks (Which will already be filtered pending feature request) While this approach works, it requires manually filtering reports to exclude controls not relating to GKE. Introducing a specific framework for GKE would significantly reduce this effort, as most necessary controls already exist, with the exception of those related to Managed Services compliance.

Solution

Develop a GKE-specific framework similar to the cis-aks-t1.2.0 framework in kubescape for AKS. This tailored framework would simplify compliance processes, eliminate the need for manual filtering, and ensure a smoother integration of GKE-specific controls.
@slashben
Copy link
Contributor

slashben commented Dec 17, 2024
edited
Loading

Hey @AdonisOkpidi , to clarify: are you looking for CIS GKE framework (like the one mentioned here or here )?

@slashben slashben self-assigned this Dec 17, 2024
@slashben slashben added the enhancement New feature or request label Dec 17, 2024
@slashben slashben moved this to Feature in Kubescaping Dec 17, 2024
@AdonisOkpidi
Copy link
Author

AdonisOkpidi commented Dec 17, 2024
edited
Loading

@slashben Yes correct! You can find the details on the official website CIS workbench. The current version is v1.7.0. You can create a free account with a non org email address.

As part of the benchmark there is a Managed services section (screenshot below) for GKE specific compliance.

CIS_screenshot0
CIS_screenshot
CIS_screenshot2
CIS_screenshot3
CIS_managed_services

@AdonisOkpidi
Copy link
Author

@slashben Happy new year.

I am just checking in to see the timeline of this?

@slashben
Copy link
Contributor

slashben commented Jan 7, 2025 via email

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@slashben slashben

Labels
enhancement New feature or request
Projects
Kubescaping
Status: Feature
Milestone
No milestone
Development

No branches or pull requests
2 participants
@AdonisOkpidi @slashben