TABLE OF CONTENTS
The Infrastructure screen of the Aqua UI lists and provides information related to the Kubernetes assets in your environment: clusters (actively discovered by Aqua) and hosts.
A host is a (virtual) machine that runs your workloads. It can be based on Kubernetes or a different orchestration platform. It may or may not have an Aqua Enforcer deployed and running on it. The Infrastructure screen contains these tabs:
- Assets: lists the clusters and hosts in your environment
- Scan Queue: view the queue for host scanning
- Scan History: view previous host scanning results on a per-host basis
When you click the name of a cluster in the Infrastructure screen, the Risk tab for the cluster is displayed. If the kube-hunter has scanned the cluster, the results of the scan are shown in the Risk tab. A summary of all security issues found by the kube-hunter appears at the bottom of the screen.
These tabs are available:
- Information: displays various attributes and status of the cluster
- Roles: appears only if Aqua has not been integrated with Apolicy. This tab displays information on Kubernetes roles, rules, and bindings.
- Apolicy-related tabs: The Apolicy Roles and Apolicy Subjects tabs appear only if Aqua has been integrated with the third-party Apolicy application. Apolicy assesses Kubernetes roles and subjects (users and service accounts) on your clusters.
- Risk: shows host compliance status and a summary of security issues found in the most recent host scan
- Information: shows details about the host and (if applicable) the Docker environment
- Vulnerabilities: shows all the vulnerabilities found in the most recent host scan
- Resources: shows all vulnerabilities found in resources (such as packages) in the most recent host scan
- Malware: shows all instances of malware found in the most recent host scan
- Compliance Results: as applicable, this tab shows the results of the following benchmark tests of the host: Docker CIS, Kubernetes CIS, Linux CIS, and one or more Custom Compliance Checks
- Containers: lists all containers running on the host
- Images: presents a list of all container images discovered on the host
- Audit: shows all audit events that have been generated for this host, grouped according to severity
For more information