- 重要な情報
- アプリ内
- インフラストラクチャー
- アプリケーションパフォーマンス
- 継続的インテグレーション
- ログ管理
- セキュリティ
- UX モニタリング
- 管理
Set up the kubernetes integration.
Identify when a Kubernetes user is assigned cluster-level administrative permissions.
This rule monitory when a ClusterRoleBinding
object is created to bind a Kubernetes user to the cluster-admin
default cluster-wide role. This effectively grants the referenced user with full administrator permissions over all the Kubernetes cluster.
@requestObject.subjects
is expected to have been granted administrator permissions on the cluster@usr.id
) is authorized to assign administrator permissionsUser Investigation
dashboard to review any user actions that may have occurred after the potentially malicious action.20 September 2022 - Updated tags.