Kubernetes access audit with JumpServer
Updated: Jun 19
Neither the public documentation nor the videos show what exactly JumpServer does with Kubernetes, what it can audit, or how it looks.
Note: Kubernetes access audit is also available in the Community Edition.
Access to Kubernetes
To access the K8s API, you need an access token and the IP address of your Kubernetes API. You can easily find instructions on how to generate these in your Kubernetes cluster. Once you have them, it's straightforward to create assets and accounts to connect to Kubernetes from JumpServer:
Connection to Kubernetes looks like any other asset:
After connecting, on the left side, you will see your Kubernetes containers instead of the asset list:
Then you can select one of the containers, connect to its shell and run any commands:
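The access token entered in JumpServer decides what every user of that asset can reach in the cluster, so its scope matters. The manifest below is an added example, not taken from the original post or from the JumpServer project: a service account limited to what the steps above show, browsing pods and opening a container shell. The names, the `jumpserver` namespace and the exact rule set are assumptions; the page does not state which permissions JumpServer requires.

```yaml
# Added example: least-privilege identity for the token entered in JumpServer.
# Names are assumed; the "jumpserver" namespace is assumed to exist already.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: jumpserver-audit
  namespace: jumpserver
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: jumpserver-pod-shell
rules:
  # Browse the tree shown after connecting: namespaces -> pods -> containers.
  - apiGroups: [""]
    resources: ["namespaces", "pods"]
    verbs: ["get", "list"]
  # Open a shell in a container. The role grants no access to Secrets and
  # no create/update/delete on workloads through the API.
  - apiGroups: [""]
    resources: ["pods/exec"]
    verbs: ["get", "create"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: jumpserver-pod-shell
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: jumpserver-pod-shell
subjects:
  - kind: ServiceAccount
    name: jumpserver-audit
    namespace: jumpserver
---
# Long-lived token for the service account; the control plane fills in .data.token.
apiVersion: v1
kind: Secret
metadata:
  name: jumpserver-audit-token
  namespace: jumpserver
  annotations:
    kubernetes.io/service-account.name: jumpserver-audit
type: kubernetes.io/service-account-token
# Read the token and the API address to enter in JumpServer:
#   kubectl -n jumpserver get secret jumpserver-audit-token -o jsonpath='{.data.token}' | base64 -d
#   kubectl config view --minify -o jsonpath='{.clusters[0].cluster.server}'
```

If JumpServer reports missing permissions with this role, extend the rules one resource at a time rather than binding `cluster-admin`.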
Session Audit
Session video with command timestamps:
Command audit:
Conclusion
JumpServer enables secure access to Kubernetes, allowing users to connect to Kubernetes containers and execute commands without having direct credentials. Additionally, all user actions within the containers are logged for accountability and auditing purposes.