Skip to content

@joecheuk joecheuk released this Jul 10, 2019

Summary

Inventory

  • Updated to retrieve Kubernetes Cluster resource from CAI instead of GCP API.

Scanner

  • Updated ke_rules to scan KE versions for the following vulnerabilities:
    • CVE-2019-11477
    • CVE-2019-11478
    • CVE-2019-11479
  • Updated iam_rules to accept dataset as resource type.
  • Added support in IAM scanner to detect allUsers in BigQuery.

Thanks to our contributors!

All Changes

6eac33c Update ke rules to use >= on the latest minor for version 1.11 and 1.12. (#2963)
91ac736 Uncommented iter_container_clusters method in cai_gcp_client.py. (#2958)
3943e8c Update ke_rules.yaml to scan for the added KE versions (#2953)
ce15e9c Add missing dash in resource_rules.yaml (#2950)
673924f Remove useless True and in while loop. (#2801)
d8fa63b Updates to docker_entrypoint.sh to assist with testing (#2943)
2e19304 Do not validate storage-component api (#2912)
afeb548 Added metricWriter role to installer script. (#2944)
481a85a Align forseti_conf_server.yaml.sample with forseti_conf_server.yaml.in (#2941)
a471ee3 Allow iam scanner rule to accept dataset as resource type (#2921)
2c62f00 GKE Container Updates (#2885)

Assets 2
You can’t perform that action at this time.