UNCLASSIFIED - NO CUI

Snippets Groups Projects

Currently supported Big Bang Version is 2.49

Attention Iron Bank Customers: On March 27, 2025, we are moving SBOM artifacts from the Anchore Scan job to the Build job to streamline the container hardening pipeline. If you currently download SBOMs from the Anchore Scan job, you can still get them from the Build job and from other sources, including IBFE and image attestations.

3 years ago
f55dc12b

docs: cluster auditor arch · f55dc12b
Tunde Oladipupo authored 3 years ago

f55dc12b

History

docs: cluster auditor arch
Tunde Oladipupo authored 3 years ago

Code owners

Assign users and groups as approvers for specific file changes. Learn more.

Architecture.md 972 B

Cluster Auditor

Overview

Cluster Auditor(CA) pulls data from the kubernetes API, transforms them and inserts them into Elasticsearch which can then be queried by Kibana. The types of objects are both OPA Gatekeeper CRDs and native kubernetes objects.

Big Bang Touchpoints

graph TB 
  subgraph "Cluster Auditor"
    clusterauditor 
  end 

  subgraph "Elasticsearch"
    clusterauditor --> elasticsearch 
  end

High Availability

CA currently does not support HA.

Storage

It uses the currently deployed Elasticsearch that's deployed as part of the logging stack.

Single Sign On (SSO)

CA does not have SSO Integration.

Licensing

CA parent image is fluentd which uses Apache License 2.0.

Dependant Packages

Elasticsearch Kibana
OPA Gatekeeper

UNCLASSIFIED - NO CUI