Miscellaneous¶
Context Filtering in Prowler¶
Prowler will scan the active Kubernetes context by default.
To specify a different Kubernetes context for scanning, use the --context flag followed by the desired context name, for example:
This ensures that Prowler analyzes the selected context or cluster for vulnerabilities and misconfigurations.
Namespace Filtering¶
By default, prowler scans all namespaces within the specified context.
To limit the scan to specific namespaces, use the --namespace flag followed by the desired namespace names, separated by spaces: for example:
Proxy and TLS Verification¶
If your Kubernetes cluster is only accessible via an internal proxy, Prowler will respect the HTTPS_PROXY or https_proxy environment variable:
If you need to skip TLS verification for internal proxies, you can set the K8S_SKIP_TLS_VERIFY environment variable:
This will allow Prowler to connect to the cluster even if the proxy uses a self-signed certificate.
These environment variables are supported both when using an external kubeconfig and in in-cluster mode.