Skip to main content

k8s

Supported platform

  • kubernetes

Description

Kubernetes cluster

Fields

IDTYPEDESCRIPTION
serverVersiondictCluster version
apiResources[]k8s.apiresourceAvailable resource types
namespaces[]k8s.namespaceCluster namespaces
nodes[]k8s.nodeCluster nodes
pods[]k8s.podCluster Pods
deployments[]k8s.deploymentCluster deployments
daemonsets[]k8s.daemonsetCluster DaemonSets
statefulsets[]k8s.statefulsetCluster StatefulSets
replicasets[]k8s.replicasetCluster ReplicaSets
jobs[]k8s.jobCluster Jobs
cronjobs[]k8s.cronjobCluster CronJobs
secrets[]k8s.secretCluster Secrets
configmaps[]k8s.configmapConfigMaps
services[]k8s.serviceKubernetes Services
ingresses[]k8s.ingressKubernetes Ingresses
serviceaccounts[]k8s.serviceaccountKubernetes service accounts
clusterroles[]k8s.rbac.clusterroleKubernetes RBAC ClusterRoles
clusterrolebindings[]k8s.rbac.clusterrolebindingKubernetes RBAC ClusterRoleBindings
roles[]k8s.rbac.roleKubernetes RBAC roles
rolebindings[]k8s.rbac.rolebindingKubernetes RBAC RoleBindings
networkPolicies[]k8s.networkpolicyKubernetes network policies
customresources[]k8s.customresourceKubernetes custom resources
validatingWebhookConfigurations[]k8s.admission.validatingwebhookconfigurationKubernetes admission webhook configurations
apps[]k8s.appKubernetes applications

Examples

List kubernetes pods with privileged containers

k8s.pods { containers.where(securityContext["privileged"] == true) name }

Check if the default namespace is used

k8s.pods.all( namespace != "default")

Query services accounts

k8s.serviceaccounts { name namespace secrets  }

Query RBAC cluster roles

k8s.roles { name namespace rules  }

Query RBAC role bindings

k8s.rolebindings { name namespace subjects  }

Query RBAC cluster role bindings

k8s.clusterrolebindings { name subjects  }

Query pod security policies

k8s.podSecurityPolicies { name manifest }

Query network policies

k8s.networkPolicies { name manifest }

References