Skip to main content

I’m trying to create container resource groups based on pod labels, but these do not seem to be available.

In specific I want to be able to create resource groups and queries based on the output of: kubectl get pod my_pod -n my_namespace -o=jsonpath='{.metadata.labels}'

Below is an example of what I would like to do in query terms:

filter {
      containers.PROPS_LABELSL"my_pod_label_key"] = "my_pod_label_value"
    }

(this won’t actually work afaik, just an illustration of what I’m after)

Seems like a rather obvious thing to be able to do. Wondering is there is an apparent trick I’m missing.

Agent

N/A

Platform

Tuning Lacework/Customization

Cloud

N/A

Thanks for your question, @therockvalley !

 

Not sure if you’ve taken a look at our Resource Groups documentation (https://docs.lacework.net/console/resource-groups), but depending on how your pods are label, you might be able to get away with creating your resource group using “Container” as the resource group type and using the “Container Label” filter as the starting condition. Something similar to this:

 

 

That’s what I’m trying but the pod labels aren’t available as far as I can tell. Pod names and namespaces are working fine.

Ah, gotcha. Let me do some digging and I’ll get back to you on this.

@therockvalley I’ve sadly found out that we do not support pod labels at this time, but I will go ahead and submit a feature request for you.

Reply


Terms of UseCookie settings