Integration guide for Resmo Kubernetes Integration.
Resmo + Kubernetes Integration Fundamentals
Resmo seamlessly integrates with Kubernetes to ensure your resources stay secure and compliant.
What does Resmo offer to Kubernetes users?
Collect and monitor all your Kubernetes resources in one place
Run automated audits with predefined or custom rules
Set up notification rules to get alerted on rule violation
Query your assets and receive instant answers
Use the Best Practices pack to check your Kubernetes security and compliance posture.
How does the integration work?
Resmo Kubernetes Integration collects resources by establishing a trust relationship in your cluster. After you copy and paste the YAML specified in the How to install section to your Kubernetes cluster, a CronJob starts operating periodically. Once triggered, it sends requests to our servers, pulling resources inside the cluster. Then, we process them on the server. The app operating in your Kubernetes cluster is provided as a docker image without any authorization limits. Resmo performs the resource validation with a unique IngestKey. Note: An IngestKey is different for each integration.
YAML
IngestKey
Available resources
Resmo Kubernetes integration aggregates deployments, jobs, pods, cluster roles, services, and more.
Common queries and rules
List job containers without livenessProbe.
Find deployment containers with privilege escalation.
See Kubernetes services with NodePort and LoadBalancer type.
Find pod containers with privileged ports.
List replicaset in default namespace.
Identify cronjob containers without a memory limit.
Integration walkthrough
How to install
Apply the following YAML to your Kubernetes cluster: