gatekeeper-securitycenter

command module

v0.2.3-rc0 Latest Latest Go to latest Published: Jul 13, 2021 License: Apache-2.0 Imports: 7 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/googlecloudplatform/gatekeeper-securitycenter

README ¶

gatekeeper-securitycenter

gatekeeper-securitycenter allows you to use Security Command Center as a dashboard for Kubernetes resource policy violations.

gatekeeper-securitycenter is:

a Kubernetes controller that creates Security Command Center findings for violations reported by the audit controller in Policy Controller and Open Policy Agent (OPA) Gatekeeper.
a command-line tool that creates Security Command Center sources and manages the IAM policies of the sources.

Architecture

gatekeeper-securitycenter requires Security Command Center Standard tier.

Prerequisites

Before installing the gatekeeper-securitycenter controller, create all of the following resources:

a Kubernetes cluster, for instance a Google Kubernetes Engine (GKE) cluster
Policy Controller or OPA Gatekeeper installed in the Kubernetes cluster
a Security Command Center source
a Google service account with the Security Center Findings Editor role on the Security Command Center source

To create these prerequisite resources, choose one of these options:

Use the kpt package in the setup directory. This package creates resources using Config Connector.
Use the shell scripts in the scripts directory. These scripts create resources using the gcloud tool from the Google Cloud SDK.
Follow the step-by-step instructions in the accompanying tutorial.

For all options, you must have an appropriate Cloud IAM role for Security Command Center at the organization level, such as Security Center Admin Editor. Your organization administrator can grant you this role.

If your user account is not associated with an organization on Google Cloud, you can create an organization resource by signing up for either Cloud Identity or Google Workspace (formerly G Suite) using a domain you own. Cloud Identity offers a free edition.

Installing the `gatekeeper-securitycenter` controller

Install the gatekeeper-securitycenter controller in your cluster by following the steps in the kpt package documentation.

Documentation

Disclaimer

This is not an officially supported Google product.

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
cmd
findings
flag
sources
version Package version prints the version of this tool, as provided at compile time.	Package version prints the version of this tool, as provided at compile time.
pkg
discovery
dynamic
logging
print
securitycenter
signals
sync
version Package version provides the version of this tool.	Package version provides the version of this tool.
third_party
sigs.k8s.io/controller-runtime/pkg/manager/signals

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

README ¶

gatekeeper-securitycenter

Prerequisites

Installing the gatekeeper-securitycenter controller

Documentation

Disclaimer

Documentation ¶

Source Files ¶

Directories ¶

Installing the `gatekeeper-securitycenter` controller