mirror of
https://github.com/prowler-cloud/prowler.git
synced 2026-07-14 08:01:59 +00:00
9ca1899ebf
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com> Co-authored-by: Andoni Alonso <14891798+andoniaf@users.noreply.github.com>
44 lines
1.3 KiB
Markdown
44 lines
1.3 KiB
Markdown
# Miscellaneous
|
|
|
|
## Context Filtering in Prowler
|
|
|
|
Prowler will scan the active Kubernetes context by default.
|
|
|
|
To specify a different Kubernetes context for scanning, use the `--context` flag followed by the desired context name, for example:
|
|
|
|
```console
|
|
prowler --context my-context
|
|
```
|
|
|
|
This ensures that Prowler analyzes the selected context or cluster for vulnerabilities and misconfigurations.
|
|
|
|
## Namespace Filtering
|
|
|
|
By default, `prowler` scans all namespaces within the specified context.
|
|
|
|
To limit the scan to specific namespaces, use the `--namespace` flag followed by the desired namespace names, separated by spaces: for example:
|
|
|
|
```console
|
|
prowler --namespace namespace1 namespace2
|
|
```
|
|
|
|
## Proxy and TLS Verification
|
|
|
|
If your Kubernetes cluster is only accessible via an internal proxy, Prowler will respect the `HTTPS_PROXY` or `https_proxy` environment variable:
|
|
|
|
```console
|
|
export HTTPS_PROXY=http://my.internal.proxy:8888
|
|
prowler kubernetes ...
|
|
```
|
|
|
|
If you need to skip TLS verification for internal proxies, you can set the `K8S_SKIP_TLS_VERIFY` environment variable:
|
|
|
|
```console
|
|
export K8S_SKIP_TLS_VERIFY=true
|
|
prowler kubernetes ...
|
|
```
|
|
|
|
This will allow Prowler to connect to the cluster even if the proxy uses a self-signed certificate.
|
|
|
|
These environment variables are supported both when using an external `kubeconfig` and in in-cluster mode.
|