Manually import Kubernetes workload project

Prerequisites for manual import of Kubernetes workload project

You must have an account with Snyk and be onboarded to your Organization by an administrator.

In addition, the integration must be configured between Snyk and your Kubernetes environment per Organization. To verify the integration is configured, ensure you have an Integration ID.

1. Deploy Snyk Controller in your Kubernetes cluster.

2. Deploy Kubernetes workloads that you want to be imported into the Kubernetes cluster

Manually add workloads

Go to the Projects page, click Add project and select the Kubernetes option.

The import screen loads, similar to the one in the following mage, displaying all namespaces from the Kubernetes environment on the left and relevant namespace workloads on the right:

Snyk purposely ignores scanning certain namespaces which Snyk believes are internal to Kubernetes (any namespace starting with kube-*). Therefore you will not see those namespaces in the list as well as the workloads those namespaces contain. The full list of ignored namespaces can be found in the kubernetes-monitor internal-workspaces file. This can be configured by adding the following code to Helm when you are setting up the snyk-monitor:

      --set excludedNamespaces={kube-node-lease,local-path-storage,some_namespace}

• Select one or multiple namespaces from the left side and for each namespace, select one or multiple workloads to import from the right side.

• When you are ready, click Add selected workloads from the top right of the screen. When the import completes, the Projects page loads and all workloads that you’ve imported appear, with a unique Kubernetes icon:

Each item is named according to its Kubernetes metadata as follows: <namespace>/<kind>/<name>.

You can filter for Kubernetes Projects only: