TOC & Recently Viewed

Recently Viewed Topics

Configure and Deploy Secrets in Kubernetes

Configure your secrets (data objects that contain sensitive information) and deploy them to the registry where the image you want to scan is stored to enable the Tenable.io CS Scanner to authenticate and securely configure and run an import in Kubernetes.

For more information about secrets in Kubernetes, see https://kubernetes.io/docs/concepts/configuration/secret/.

Before you begin:

To configure and deploy secrets in Kubernetes:

  1. In the CLI, copy and paste the following text to configure the Tenable.io secret key, typing your specific variables where applicable:

    kubectl create secret generic tio --from-literal=username='<Your Tenable.io access key>' --from-literal=password='<Your Tenable.io access key>' --namespace=tiocsscanner
  2. Copy and paste the following to configure the private registry username and password secrets, typing the variables for the private registry where the image you want to scan is stored where applicable:

    kubectl create secret generic private_registry --from-literal=username='<Your private registry username>' --from-literal=password='<Your registry password>' --namespace=tiocsscanner
  3. Copy and paste the following text to pull the image to be scanned from the registry, typing your specific variables where applicable:

    kubectl create secret docker-registry jfrog-tio --docker-server=https://tenableio-docker-consec-local.jfrog.io --docker-username=<Your username from the Tenable.io Container Security console> --docker-password=<Your password from the Tenable.io Container Security console> --docker-email=<Your email address> --namespace=tiocsscanner
  4. Press Enter.

    Your secrets are configured and deployed to the private registry where the image you want to import and scan is stored.

What to do next:

Copyright © 2019 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.. Tenable.sc, Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.