メニュー
Run a security audit on an OpenShift namespace or cluster. Use when the user asks about security posture, RBAC, SCCs, network policies, or compliance.
OpenShift Lightspeed CLI — AI-powered assistant for OpenShift from your terminal. Connects to OpenShift Lightspeed Service (OLS) REST API and provides interactive chat, streaming responses, cluster-aware tools, and session management. Use when working with OpenShift clusters, Kubernetes operations, or needing AI-powered cluster assistance from the command line.
Check the overall health of an OpenShift cluster. Use when the user asks about cluster status, node health, capacity, or wants a quick health overview.
Guide deploying an application to OpenShift. Use when the user wants to deploy a new app, create a deployment, set up services and routes. Covers S2I, Docker, Helm, and raw YAML approaches.
Troubleshoot a problematic pod in OpenShift. Use when a pod is CrashLooping, not ready, failing health checks, or showing errors. Walks through events, logs, describe, and common failure patterns.
| name | security-audit |
| description | Run a security audit on an OpenShift namespace or cluster. Use when the user asks about security posture, RBAC, SCCs, network policies, or compliance. |
| metadata | {"author":"kcns008","version":"0.1.0"} |
Check RBAC
oc get clusterrolebindings -o wide
oc get rolebindings -n <namespace>
oc auth can-i --list --as=system:serviceaccount:<ns>:<sa>
Check Security Context Constraints
oc get scc
oc describe scc restricted
Check pod security
oc get pods -n <namespace> -o jsonpath='{range .items[*]}{.metadata.name}{"\t"}{.spec.securityContext}{"\n"}{end}'
Check network policies
oc get networkpolicies -n <namespace>
Check image vulnerabilities (if Security Operator installed)
oc get vulnerabilities -n <namespace>
oc get imagevulnerabilities -n <namespace>
Summarize findings