Violation Alert Generation


In this section, we will compromise a container by gaining 'exec' access and generate violation alerts on CBC Cloud Console.

49. Compromising a Container

50. Create Local Proxy

Create a local proxy to reach the exposed dashboard service:

kubectl port-forward -n myapp service/dashboard 8080:8080

51. Launch myapp UI

Visit the dashboard by opening http://localhost:8080 on your browser from within the VMware Tanzu Horizon Desktop

52. List myapp Pod

Hit Ctrl + C twice to exit out of the running proxy.

List the myapp pod. Copy the App name (Highlighted in screenshot below) by using Right Click or Ctrl + C

kubectl get pods -n myapp

53. Access myapp Container

Replace <dashboard-name> in the below command with the App name copied in previous step

kubectl exec -it <dashboard-name> -n myapp -c dashboard bash

54. List running processes

List all running processes

ps aux

55. Exit myapp Container

Finally, let's exit out of the dashboard using the 'exit' command

Previous Article Configure CBC Security
Next Article Policy Action Violation Restriction