asat

package
v0.14.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 30, 2021 License: MIT Imports: 4 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// AutomountServiceAccountTokenDeprecated occurs when the deprecated serviceAccount field is non-empty
	AutomountServiceAccountTokenDeprecated = "AutomountServiceAccountTokenDeprecated"
	// AutomountServiceAccountTokenTrueAndDefaultSA occurs when automountServiceAccountToken is either not set
	// (which defaults to true) or explicitly set to true, and serviceAccountName is either not set or set to "default"
	AutomountServiceAccountTokenTrueAndDefaultSA = "AutomountServiceAccountTokenTrueAndDefaultSA"
)
View Source 
const Name = "asat"
View Source 
const OverrideLabel = "allow-automount-service-account-token"

Variables

This section is empty.

Functions

This section is empty.

Types

type AutomountServiceAccountToken 

type AutomountServiceAccountToken struct{}

AutomountServiceAccountToken implements Auditable

func New 

func New() *AutomountServiceAccountToken

func (*AutomountServiceAccountToken) Audit 

func (a *AutomountServiceAccountToken) Audit(resource k8s.Resource, resources []k8s.Resource) ([]*kubeaudit.AuditResult, error)

Audit checks that the deprecated serviceAccount field is not used and that the default service account is not being automatically mounted

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.