
WIP: add initial EKS exec rule #1287

Draft: rileydakota wants to merge 4 commits into base: develop

@rileydakota rileydakota commented Jul 12, 2024

Background

As discussed with @arielkr256, first of several K8s/EKS-specific detections here.

To-do:

  • add configuration for specifying production environments
  • allow/account for ONLY human exec calls (in this case, identities using the AWS IAM Authenticator for Kubernetes via the aws-auth configmap or EKS Access Entries)

Changes

TBD

Testing

TBD

@rileydakota rileydakota requested a review from a team as a code owner July 12, 2024 17:54
@rileydakota rileydakota marked this pull request as draft July 12, 2024 18:18
@arielkr256 arielkr256 added the enhancement New feature or request label Sep 4, 2024
@arielkr256 arielkr256 added rules Real-time log data detections and removed enhancement New feature or request labels Sep 11, 2024