Gke Cred Audit
БесплатноНе проверенDefensive credential-exposure auditor for GKE that inventories workload identity, service account tokens, and RBAC posture, exposing findings via an MCP server
Описание
Defensive credential-exposure auditor for GKE that inventories workload identity, service account tokens, and RBAC posture, exposing findings via an MCP server at /mcp.
README
Defensive credential-exposure auditor for GKE. Deployed in-cluster as a single
Pod (Deployment + Service); fronted by Natoma at /mcp.
The server uses its own ServiceAccount to:
- Inventory its own GCE/GKE workload-identity exposure (project, instance, SA scopes/tokens).
- Decode its own projected ServiceAccount token (claims only) and walk its mounted secret files.
- Inventory the pods + ConfigMaps in its namespace (and, opt-in, secret metadata) so Natoma can ask follow-up questions about workloads that share the namespace.
- Compute its own RBAC posture via
SelfSubjectRulesReviewand a curatedSelfSubjectAccessReviewmatrix.
Surfaces
- REST with an OpenAPI 3.1 spec at
/openapi.json(Swagger UI at/docs, ReDoc at/redoc). - MCP server over Streamable HTTP, mounted at
/mcp(per MCP spec rev 2025-03-26).
Both surfaces share the same redacted pydantic models. Raw bearer tokens, JWT signatures, PEM
private keys, and Secret values are never returned. The break-glass RAW_REVEAL flag exists for
debugging individual tokens; it never extends to namespace Secret values.
Deploying via Natoma
Natoma is the auth boundary for /mcp. The server itself has no native auth; this is intentional
and surfaced in /version, audit://server-info, and the OpenAPI spec via x-auth=none (gateway-managed).
Dockerfile path (recommended)
This repo has a root Dockerfile. Point Natoma at this repo and it will build and run the
container. The server reads $PORT (default 8080) and binds 0.0.0.0. uvicorn is configured
with --proxy-headers --forwarded-allow-ips="*" so X-Forwarded-* from the gateway is honored.
Direct cluster deployment
kubectl apply -f manifests/rbac.yaml
kubectl apply -f manifests/deployment.yaml
kubectl apply -f manifests/service.yaml
kubectl apply -f manifests/networkpolicy.yaml
Then point Natoma's gateway at http://gke-cred-audit.<namespace>.svc:8080/mcp.
The bundled NetworkPolicy only permits ingress from namespaces labeled natoma-gateway: "true";
adjust to match your installation. Egress is restricted to the Kubernetes API server and the GCE
metadata IP.
Granting secret enumeration
AUDIT_ENABLE_SECRET_LISTING=true opts in to namespace Secret enumeration. Even when enabled, the
server returns metadata only -- name, type, key names, per-key size, per-key SHA-256 prefix.
Values are never returned. A property-based test (tests/test_redaction_invariant.py)
runs against mocked Secrets containing real-looking base64 data to enforce this.
The trade-off: granting secrets:list to the audit ServiceAccount makes the audit pod a high-trust
target. Default is OFF. When enabling, prefer:
- A dedicated namespace for the audit Deployment, with no other workloads.
- Tightening the bundled Role with
resourceNames: [...]to specific Secret names. - A
NS-SECRETS-LIST-GRANTEDfinding will appear in/findingsto make this visible.
Running locally
pip install -e '.[dev]'
gke-cred-audit --bind 127.0.0.1 --port 8080
Then:
curl http://127.0.0.1:8080/openapi.json-- OpenAPI 3.1 documentcurl http://127.0.0.1:8080/findings?severity=HIGH-- JSON findingscurl http://127.0.0.1:8080/server-info-- capability manifest- MCP clients connect to
http://127.0.0.1:8080/mcp
What's intentionally NOT in scope
- Cross-namespace reads (would require ClusterRole; not used).
- Returning Secret
data/stringDataunder any flag. - Native auth on the server (Natoma owns auth).
Установить Gke Cred Audit в Claude Desktop, Claude Code, Cursor
unyly install gke-cred-auditСтавит в Claude Desktop, Claude Code, Cursor и VS Code — сам разбирается с npx, uvx и сборкой из исходников.
Впервые? Поставь CLI: curl -fsSL https://unyly.org/install | sh
Или настроить вручную
Выполни в терминале:
claude mcp add gke-cred-audit -- uvx --from git+https://github.com/rrupesh/mcp-test gke-cred-auditFAQ
Gke Cred Audit MCP бесплатный?
Да, Gke Cred Audit MCP бесплатный — установка в пару кликов через Unyly без оплаты.
Нужен ли API-ключ для Gke Cred Audit?
Нет, Gke Cred Audit работает без API-ключей и переменных окружения.
Gke Cred Audit — hosted или self-hosted?
Доступен hosted-вариант: Unyly запускает сервер в облаке, локальная установка не обязательна.
Как установить Gke Cred Audit в Claude Desktop, Claude Code или Cursor?
Открой Gke Cred Audit на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.
Похожие MCP
GitHub
PRs, issues, code search, CI status
автор: GitHubFilesystem
Secure file operations with configurable access controls.
Memory
Knowledge graph-based persistent memory system.
Template MCP Server
A CLI tool to create a new Model Context Protocol server project with TypeScript support, dual transport options, and an extensible structure
автор: mcpdotdirectCompare Gke Cred Audit with
Не уверен что выбрать?
Найди свой стек за 60 секунд
Автор?
Embed-бейдж для README
Похожее
Все в категории development
