#!/bin/bash
# 配置参数
LOG_FILE="/var/log/k8s_security_audit.log"
# 检查并创建日志文件
if [ ! -f "$LOG_FILE" ]; then
touch "$LOG_FILE"
fi
# 记录日志函数
log() {
echo "$(date +"%Y-%m-%d %H:%M:%S") - $1" >> "$LOG_FILE"
}
# 检查安全配置
log "Starting security audit..."
kubectl get nodes -o wide
kubectl get pods --all-namespaces -o wide
kubectl get roles --all-namespaces
kubectl get rolebindings --all-namespaces
kubectl get clusterroles
kubectl get clusterrolebindings
log "Security audit completed successfully."