Validate, Clean & Secure Your K8s YAML using ValidKube

ADITYA DASADITYA DAS
3 min read

Table of contents

1. Introduction to Validkube

validkube-komodor-os.gif

Validkube makes use for various open source projects, for maintain yaml files basically. It is a tool by komodor or more than that is it a simple browser that can easily manipulate and maintain your yaml files.

2. Uses of Validkube

It is grate tool tool that use to validate, audit, secure your custom yaml files in simple way. Not only that we can easily secure and clear our files whenever a checks fails or a security vulnerability are present over a yaml file. This tool can easily manage those things and remove vulnerabilities. This tool use various integration to manage this things like

  • Validate - Verify your Kubernetes configuration files @ kubeconform

142411871-f695e40c-bfa8-43ca-97c0-94c256749732.png

  • Clean - Remove clutter from your Kubernetes manifests @ kubectl-neat
  • Secure - Scan your YAML code for security vulnerabilities @ trivy

logo.png

  • Audit -Validation of best practices for your yaml @ polaris

7485.PNG

  • Secure -Scan your YAML file for Devops best practices and security vulnerabilities @ kubescape

100554170.png

  • SBOM - Scan your container image for SBoMs @ trivy

logo.png

3. Validkube integration with Kubescape

8888.PNG

There is an latest update implement on validkube that is can easily integrate with kubescape so it is very easy to scure your custom yaml files or kubernetes manifest files use this feature.

4. What is Kubescape

100554170.png

Kubescape is a Kubernetes open-source platform that provides a multi-cloud K8s single pane of glass, including risk analysis, security compliance, RBAC (role-based access control) visualizer, and image vulnerabilities scanning.

Kubescape is a K8s open-source tool providing a Kubernetes single pane of glass, including risk analysis, security compliance, RBAC visualizer, and image vulnerability scanning. Kubescape scans K8s clusters, YAML files, and HELM charts, detecting misconfigurations according to multiple frameworks (such as the NSA-CISA, MITRE ATT&CKยฎ), software vulnerabilities, and RBAC (role-based-access-control) violations at early stages of the CI/CD pipeline, calculates risk score instantly and shows risk trends over time.

It has become one of the fastest-growing Kubernetes tools among developers due to its easy-to-use CLI interface, flexible output formats, and automated scanning capabilities, saving Kubernetes users and admins precious time, effort, and resources. Kubescape integrates natively with other DevOps tools, including Jenkins, CircleCI, Github workflows, Prometheus, and Slack, and supports multi-cloud K8s deployments like EKS, GKE, and AKS.

5. How to use

Just go through this link validkube

00001.PNG

We can easily take a sample yaml file from example tab

00002.PNG

To check simply click on validation tab to check your yaml file is valid or not.

00003.PNG

There is a error while yaml validation check, so we replace sting with a integer.

00001valid.PNG

Also clean and cut out your yaml file to make this file unique.

00004.PNG

Male security check by clicking secure(Trivy) tab

00005.PNG

Simply audit your yaml files using Audit(polaris) tab

00006.PNG

Another security vulnerability check using validkube

00007.PNG

00008.PNG

6. Resources

๐Ÿšฉ https://validkube.com/

๐Ÿšฉ https://komodor.com/

๐Ÿšฉ https://youtu.be/5fLA-WBK49w

๐Ÿšฉ https://youtu.be/5XlhLD7pyFU

7. Get involved

๐Ÿ–ฑ Twitter

๐Ÿ–ฑ Linkedin

๐Ÿ–ฑ Github

That's all for this blog, I hope you will learn something new. And feel free to share your thoughts and feedback, Thanks for reading.

Feel free to reach out me ๐Ÿ‘€

Twitter ๐Ÿ–ฑ

LinkedIn ๐Ÿ–ฑ

Github ๐Ÿ–ฑ

20
Subscribe to my newsletter

Read articles from ADITYA DAS directly inside your inbox. Subscribe to the newsletter, and don't miss out.

HashnodekomodorKubernetesOpen Source

Written by

ADITYA DAS
ADITYA DAS

Hi, i am a post graduate (MCA) student and a open source contributor.