Cerbos Helm Chart

Cerbos
Analyzed version: 0.16.0

By Cerbos

A Helm chart to deploy Cerbos. Cerbos is an open core, language agnostic, scalable solution that makes user permissions and authorization simple to implement and manage by writing context-aware access control policies for your application resources.

Prometheus, a CNCF project, is a systems and service monitoring system. It collects metrics from configured targets at given intervals, evaluates rule expressions, displays the results, and can trigger alerts if some condition is observed to be true.

This chart bootstraps a Prometheus deployment on a Kubernetes cluster using the Helm package manager.

Latest version: 15.5.3
View GitHub

How to Install the Cerbos Helm Chart

Add Chart Repository to Helm

helm repo add cerbos https://download.cerbos.dev/helm-charts

Install Chart

helm install my-cerbos cerbos/cerbos --version 0.16.0

Does the Cerbos chart contain security gaps?

The chart meets the best practices recommended by the industry.

The chart contains 5 misconfigurations.

The chart meets the best practices recommended by the industry. Find the full list of best practices here.

❌ Ensure each container has a configured memory request

1 occurrences:

  • metadata.name: release-name-cerbos (kind: Deployment)

💡 Missing property object `requests.memory` - value should be within the accepted boundaries recommended by the organization

Learn how to fix the issue here

❌ Ensure each container has a configured CPU request

1 occurrences:

  • metadata.name: release-name-cerbos (kind: Deployment)

💡 Missing property object `requests.cpu` - value should be within the accepted boundaries recommended by the organization

Learn how to fix the issue here

❌ Ensure each container has a configured memory limit

1 occurrences:

  • metadata.name: release-name-cerbos (kind: Deployment)

💡 Missing property object `limits.memory` - value should be within the accepted boundaries recommended by the organization

Learn how to fix the issue here

❌ Ensure each container has a configured CPU limit

1 occurrences:

  • metadata.name: release-name-cerbos (kind: Deployment)

💡 Missing property object `limits.cpu` - value should be within the accepted boundaries recommended by the organization

Learn how to fix the issue here

❌ Prevent ConfigMap security vulnerability (CVE-2021-25742)

1 occurrences:

  • metadata.name: release-name-cerbos (kind: ConfigMap)

💡 Missing property object `allow-snippet-annotations` - set it to "false" to override default behaviour

Learn how to fix the issue here

This is some text inside of a div block.
This is some text inside of a div block.

Reveal misconfigurations within minutes

3 Quick Steps to Get Started