Rory McCune
Rory McCune
**What would you like to be added** As part of SIG-Security-Docs, we've been discussing the creation of a hardening guide for Kubernetes. We've got an initial document for the guide's...
At the moment `eathar info` returns one of the commands as `imageList` but running that doesn't work, instead `imagelist` works.
Using IKS it does the OIDC plugin thing, this does not appear to work at the moment. ``` eathar rbac wildcardusers {"level":"debug","time":"2023-01-15T15:46:52Z","message":"initKubeClient: failed creating Clientset with%!(EXTRA *errors.errorString=no Auth Provider found...
At the moment this tool doesn't work with GKE, due to the way their authentication plugin is setup ```console eathar rbac wildcardusers {"level":"debug","time":"2022-12-22T17:21:22Z","message":"initKubeClient: failed creating Clientset with%!(EXTRA *errors.errorString=no Auth Provider...
Looking at the official CVE feed [here](https://kubernetes.io/docs/reference/issues-security/official-cve-feed/) there's a couple of CVEs that don't appear to be present. - [CVE-2020-8561](https://github.com/kubernetes/kubernetes/issues/104720) - [CVE-2020-8562](https://github.com/kubernetes/kubernetes/issues/101493) - [CVE-2021-25740](https://github.com/kubernetes/kubernetes/issues/103675) On a quick note related to...
So in theory we can use the `pprof` endpoint (unless it's blocked) to increase the API server log level to debug, then read the logs (well if we can see...
Add Cailyn's details after I forgot to accept the edit (whoops)