Create a Kubernetes authentication record for a Kubernetes instance running on a Unix host, add the Kubernetes 1.x technology to your policy, and scan it for compliance. You also need a Unix record for the host on which Kubernetes is installed.
This record type is only available in accounts with PC or SCA and is only supported for compliance scans.
For the most current list of supported authentication technologies and the versions that have been certified for VM and PC by record type, please refer to the following article:
Authentication Technologies Matrix
- Go to Scans > Authentication.
- Check that you have a Unix record already defined for the host on which Kubernetes is installed.
- Create a Kubernetes record for the same host. Go to New > Applications > Kubernetes.
Note: If the Network Support feature is enabled, then the Unix record must have the same network selected as the Kubernetes record.
Tell me about user permissions
Managers can add authentication records.
Unit Managers must be granted these permissions:
- Manage PC module / Manage SCA module
- Create/edit authentication records/vaults
We need to know the absolute path of the kubectl command and of the Kubernetes configuration file present on your Unix host. While creating a Kubernetes authentication record, on the Unix Configuration tab, you can specify these paths in the Bin Path and the Conf Path fields. If you leave these fields blank, our service auto-discovers the paths.
Good to Know - It is possible that our service can't find the paths during auto-discovery, which might result in some configurations not being found.