Lacework for Kubernetes Compliance - FAQs

What does Lacework need to complete a full collection of data for Kubernetes Compliance?

Lacework requires data from three types of collectors before a complete assessment of your Kubernetes cluster can be made.

  1. Cloud Collector (also known as RMv2 or Cloud Resource Management)
    • You must have completed a Configuration integration for your cloud account (for example: AWS Configuration).
    • It is always on and runs once a day at the time defined by the Resource Management Collection Schedule (Settings > Configuration > General in the Lacework Console).
    • This collector enumerates the Kubernetes clusters, and its data can be applied to some controls.
    • Data is always available after 24 hours (from when the Configuration integration was completed).
  2. Node Collector (extension of the Lacework Agent)
    • You must complete installation/configuration on each Kubernetes cluster that you want to monitor for configuration compliance.
    • Runs every hour.
    • Data is sent to Lacework within 2 hours of installation.
  3. Cluster Collector
    • You must complete installation/configuration on each Kubernetes cluster that you want to monitor for configuration compliance.
    • Runs every 24 hours.
    • Data is sent to Lacework within 2 hours of installation.

See Kubernetes Compliance Integrations for guidance on installing Node and Cluster collectors.

How long does it take for a full collection of data?

The compliance data is complete and available for assessment once all 3 collections have occurred at least once.

The node and cluster data is sent to Lacework within 2 hours of the collectors being installed on a cluster. Once the cloud collection has occurred, data will be visible in the Lacework platform.

In the vast majority of cases, this should take 24 hours or less.

How do I check whether the node collector or cluster collector is installed?

If the Collection status for your cluster shows Partial collection, it is likely that the Node and/or Cluster Collectors are not installed.

Collection status can be viewed in the Lacework Console from the Kubernetes Compliance page (Compliance > Kubernetes) when grouped by cluster.