Polaris helps keep your cluster healthy. It runs a variety of checks to ensure that Kubernetes deployments are configured using best practices that will avoid potential problems in the future. The project includes two primary components:
A dashboard that provides an overview of how well current deployments are configured within a cluster.
An experimental validating webhook that can prevent any future deployments that do not live up to a configured standard.
Tern is a software package inspection tool for containers. It's written in Python3 with a smattering of shell scripts
This guide can help you secure your OpenShift cluster to comply with the FISMA moderate confidentiality, integrity, and availability requirements.
While the configurations and Security Control Traceability Matrix (SCTM) documented in this guide could be implemented in any environment, the reference architecture is Amazon Web Services.