All-in-one auditing toolkit for identifying common security issues in managed Kubernetes environments. Currently supports Amazon EKS.
Features:
--show-full-role-arns
to force printing the full role ARN, instead of just its nameNew features:
mkat eks find-role-relationships
now uses a full-fledged IAM policy evaluation engine to determine which pods can assume IAM roles in the account.Enhancements:
mkat eks find-role-relationships
, when using a non-standard EKS API server hostname (--skip-eks-hostname-check
)mkat eks find-role-relationships
to specify the EKS cluster name when it cannot be automatically detected from the KubeConfig file (--eks-cluster-name
)