Kubescape reads cluster information from the cloud vendors' API. There is a list of authorization required by the entity (see the SDK of the given vendor). Kubescape uses SDKs to retrieve this information. This authentication information must be available in the running environment of Kubescape
- AWS IAM roles for EKS access, see more here Amazon Web Services integration
- GCP IAM roles for GKE access, see more here Google Cloud Services integration
- Azure AKS is not yet supported
- DigitalOcean API is not yet supported
- Private repositories are supported via:
- Azure ACR authentication is not yet supported
Issue / logs
the image may be deleted from the container registry, so the vulnerability scanner can't get the image manifest data and it's vulnerabilities
*## first solution suggestion:* the image need to be added to the container registry for enable to scan it
we reach to the limit of the the process memory limited by the k8s deployment: "armo-vuln-scan"
*## first solution suggestion:* enlarge the memory limit of the deployment.
Updated 4 months ago