Feature
- graph: Added not_within attribute solver for graph checks - #4041
- kubernetes: Add CKV2_K8S_2 graph check for potential privilege escalation in nodes/proxy or pods/exec with create permissions - #4034
- kubernetes: Add CKV2_K8S_3 no impersonate permissions for ServiceAccount/Node - #4037
- kubernetes: Added CKV2_K8S_4 check to not allow modifying of services/status - #4038
- kubernetes: Added CKV2_K8S_5 check that no service account or node can read all secrets - #4042
- secrets: Accepting json reports from bucket in secrets_omitter - #4039
- terraform: add CKV NCP rules about Route Table Association - #3856