Runecast Analyzer for AWS and Kubernetes
Since I decided to test Runecast in my lab recently I've mainly been looking at the vSphere capabilities.
Now I've also connected Runecast to a Kubernetes cluster and to an AWS account to see what we can get from that. The ability to get informed about security issues and best practices in the context of my environment is great. This saves me lot's of time digging in to AWS documentation as I get the information already digested and presented to me.
Let's take a look
If you've worked with Runecast before you wouldn't be surprised that just by connecting your instance to an account and run an analysis you get direct value. I admit that the AWS environment I'm working with is very small, but still I get immediate value as Runecast tells me that I have 53 issues, where 32 are major ones.
Digging in to my Compute first I have 3 EC2 instances and an EKS cluster running in the environment. The EKS cluster is fine, but all of my EC2 instances have issues
From this I can see my three issues and the number of objects affected by each and can quickly determine if this is something I need to look at.
In this example all of the findings came from Runecast's Best practices analyzer. Let's take a look at the Issues concerning Management.
Here we see that we also get some findings from the Center for Internet Security (CIS) profile. This shows that there's not only Runecast digested best practices available, but also profiles built on industry standards.
Switching focus to Kubernetes now, we'll take a look at a connection I've setup to a Kubernetes cluster running in my lab. The environment is running on Ubuntu VMs on vSphere.
The results speaks for themselves, I guess I have some work in front of me to get things sorted..
Let's take a look at an issue
We can see a certificate recommendation from the CIS profile, and we get detailed information about the issue and the rationale behind it.
The Best practices view gives us a nice list of recommendations where we can sort and filter based on severity etc
Hopefully this post have given a quick insight into what Runecast can do with regards to analyzing both AWS and Kubernetes environments and the value we can get from the analysis.
I for one know that it can save me a lot of time as I don't have to dig through lot's of KB articles and documentation to get generic recommendations and then try to fit that to my setup. Runecast delivers recommendations based on my environment which I can apply immediately, and it will continually monitor my setup.
Thanks for reading!