Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Extend the capability of the cofidectl workload discover command #121

Open
nialdaly opened this issue Jan 6, 2025 · 0 comments
Open

Extend the capability of the cofidectl workload discover command #121

nialdaly opened this issue Jan 6, 2025 · 0 comments

Comments

@nialdaly
Copy link
Contributor

nialdaly commented Jan 6, 2025

Summary

The cofidectl workload discover command provides functionality to discover secrets associated with workloads using the --include-secrets flag. This provides useful context around the age of the secret and if it potentially high risk due to how long it has been present. It could be useful to further extend this capability by providing additional, fine-grained metadata around these secrets that could be useful to surface including:

  • Secret type
  • Secret annotations
  • Pod usage
  • Secret RBAC
  • Secret rotations
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant