Creating an Audit Policy for k0s

All about k0s
#1

Hey Everyone,

The company I work for recently built a Dev k0s cluster. Before moving everything to production we need to set up an audit policy to generate logs of activity occurring in the cluster to be compliant with customer requirements.

Compared to standard k8s, k0s is obviously a lot more in terms of your configuration options (everything already being pre-built for the most part). K8s and k0s also have different file structures which makes trying to transfer knowledge over from k8s to k0s a little difficult.

My question is, does anyone have any resources or articles of how to set up an audit policy for k0s? (CIS Benchmark does not have any information for k0s specifically)

#2

Hi, K0s uses vanilla kubernetes so pretty much all the documentation for kubernetes works. The only difference is that you need to configure the flags in the k0s configuration file.

So if you have a valid audit policy file you can just pass it as an argument in spec.api.extraArgs. Something like this should work

apiVersion: k0s.k0sproject.io/v1beta1
kind: ClusterConfig
spec:
  api:
    extraArgs:
      audit-policy-file: /path/to/file

More information about k0s configuration here