json
nctl scan json
Scan Command
Scan JSON resources by validating them against custom policies.
nctl scan json [flags]
Scan Options
Flag | Shorthand | Description |
---|---|---|
--file <string> |
mention the file name to store scan result | |
--help |
-h |
help for json command |
--output <string> |
-o |
choose the output format of scan result. Available options are: json , text ,yaml and sarif with the default option being text |
--policies <strings> |
-p |
specify path to policy files (local path, github URL, helm URL) to scan against custom policies |
--policy-sets <string> |
scan against different policy sets in one command, use this flag to provide a comma-separated list of policy sets to scan the resources(pss-baseline, pss-restricted, rbac-best-practices) | |
--resources <strings> |
-r |
path to resource files (local path, github URL). scan specific resource files instead of all resources in a cluster, use this flag to point to a local path or gitHub URL containing the resource files |
--userinfo <string> |
u |
admission Info including roles, cluster roles and subjects |
--values-file <string> |
use this flag followed by the file path to extract values of policy variables |