[KubeArmor] Observability and policy discovery helper tool

[nate-double-u]

KubeArmor provides a visibility telemetry events to show pod/container observability data such as process executions, file system accesses, network accesses. This information is to be used to bind together more comprehensive analysis data showing the security posture for the pod/container. This security posture/visibility information would help user in turn to discover optimal policy settings. One of the aim for this work is to ensure that the system shows only useful/aggregated data and does simply throw bunch of events/logs to the user. The overall design involves developing and deploying a k8s service that will wait on the kubearmor events and aggregate those events at the container/pod level. The cli-tool (already present but has to be extended) will be pulling the information from the service to show it to the user. An extended goal could be to show a simply TUI to the user by querying the kubearmor service. Detailed use-cases and requirements are mentioned in this slide deck.

Mentor(s): Barun Acharya (@daemon1024), Rahul Jadhav (@nyrahul)

https://github.com/cncf/mentoring/blob/main/summerofcode/2022.md#observability-and-policy-discovery-helper-tool