Kube-score
A tool that performs static code analysis of your Kubernetes object definitions.
Overview
Kube-score is a tool that performs static analysis of Kubernetes object definitions. It analyzes your YAML or JSON manifests and gives them a score based on a set of built-in checks. These checks are designed to identify issues that could impact the reliability, security, or performance of your applications, such as missing health probes, missing resource limits, or containers that are not configured to run as a non-root user.
✨ Key Features
- Static analysis for Kubernetes best practices
- Checks for reliability (e.g., probes, replicas)
- Checks for security (e.g., non-root user, read-only root filesystem)
- Provides a score and detailed recommendations for improvement
- Easy to integrate into CI/CD pipelines
🎯 Key Differentiators
- Focus on actionable recommendations for improving reliability and security.
- Simple, opinionated set of checks based on community best practices.
- Scoring system provides a quick measure of configuration quality.
Unique Value: An easy way to get immediate, actionable feedback on how to make your Kubernetes configurations more reliable and secure.
🎯 Use Cases
✅ Best For
- Running `kube-score score my-files/*.yaml` to get a list of critical and optional recommendations for improving Kubernetes manifests.
💡 Check With Vendor
Verify these considerations match your specific requirements:
- Basic schema validation (Kubeval is better for this)
- Enforcing complex, custom organizational policies
🏆 Alternatives
While tools like Checkov are broad security scanners, Kube-score is specifically tailored to Kubernetes operational best practices, like setting probes and resource requests/limits.
💻 Platforms
✅ Offline Mode Available
💰 Pricing
Free tier: Kube-score is completely free and open-source.
🔄 Similar Tools in IaC Validation
Checkov
An open-source static analysis tool for scanning infrastructure as code (IaC) files for misconfigura...
Terrascan
An open-source static code analyzer for IaC that helps detect security and compliance violations....
tfsec
An open-source static analysis tool for finding security misconfigurations in Terraform code....
KICS
An open-source static analysis tool that finds security vulnerabilities, compliance issues, and misc...
Open Policy Agent (OPA)
An open-source, general-purpose policy engine that unifies policy enforcement across the stack....
TFLint
A linter for Terraform that focuses on best practices, style conventions, and detecting potential er...