K8s kube-hunter as pod
Description
kube-hunter hunts for security weaknesses in Kubernetes clusters. The tool was developed to increase awareness and visibility for security issues in Kubernetes environments. You should NOT run kube-hunter on a Kubernetes cluster that you don't own!
Project page
- https://github.com/aquasecurity/kube-hunter
kube-hunter.job.yaml
apiVersion: batch/v1
kind: Job
metadata:
name: kube-hunter
# namespace: <namespace>
spec:
template:
spec:
containers:
- name: kube-hunter
image: aquasec/kube-hunter
command: ["kube-hunter"]
args: ["--pod"]
restartPolicy: Never
backoffLimit: 4