Auditing Kubernetes with Kubeaudit - Introduction and setup
Kubernetes clusters can quickly become complicated in terms of setup and management based on the requirements of your workloads. More often than not, security misconfigurations can wreak havoc if exploited by attackers or simply cause a compliance failure.
kubeaudit, an open source tool created by the folks at Shopify, can be used to perform a security audit of Kubernetes clusters to find common low-hanging fruit that is often exploited by attackers.
kubeaudit is available as a Go package from https://github.com/Shopify/kubeaudit. Multiple installation options are available from the GitHub repository. We will show 3 of the more common ways of running kubeaudit in this article.
Using a release binary
From https://github.com/Shopify/kubeaudit/releases, under Assets, download the binary for your target operating system. For our example, since we are using an Ubuntu 20.04 machine, we will download the
tar -xzvf kubeaudit_0.21.0_linux_amd64.tar.gz to unpack the binary and run ./kubeaudit version to confirm it runs.
Using go get
You need to have Go installed on your system. To install Go on Ubuntu, you can use
sudo apt update
sudo apt install golang-go
kubeaudit using Go
From a terminal run
go get -v github.com/Shopify/kubeaudit
kubeaudit version to confirm the program is set up properly.
The published docker version of kubeaudit was built for the arm platform. To run kubeaudit using docker, we will need to build it for the
Download the source from the releases page at https://github.com/Shopify/kubeaudit/releases
Unzip the source using unzip filename.zip and then switch to the unzipped directory
Run the following command to build an
docker build --platform linux/amd64 --tag amd64kubeaudit .
You can run the docker image using the following
docker run --name kubeaudit --platform linux/amd64 --rm --privileged amd64kubeaudit:latest version