From fa60fb68fd5b2386bab6b37a477d8c320f5c18b0 Mon Sep 17 00:00:00 2001
From: Liz Rice <liz@lizrice.com>
Date: Thu, 11 Apr 2019 18:45:16 +0100
Subject: [PATCH] Add job for EKS

---
 job-eks.yaml | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 job-eks.yaml

diff --git a/job-eks.yaml b/job-eks.yaml
new file mode 100644
index 0000000..d51909f
--- /dev/null
+++ b/job-eks.yaml
@@ -0,0 +1,34 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: kube-bench
+spec:
+  template:
+    spec:
+      hostPID: true
+      containers:
+      - name: kube-bench
+        # Push the image to your ECR and then refer to it here
+        image: <ID.dkr.ecr.region.amazonaws.com/aquasec/kube-bench:ref>
+        command: ["kube-bench", "--version", "1.11-json"]
+        volumeMounts:
+        - name: var-lib-kubelet
+          mountPath: /var/lib/kubelet
+        - name: etc-systemd
+          mountPath: /etc/systemd
+        - name: etc-kubernetes
+          mountPath: /etc/kubernetes
+      restartPolicy: Never
+      volumes:
+      - name: var-lib-kubelet
+        hostPath:
+          path: "/var/lib/kubelet"
+      - name: etc-systemd
+        hostPath:
+          path: "/etc/systemd"
+      - name: etc-kubernetes
+        hostPath:
+          path: "/etc/kubernetes"
+      - name: usr-bin
+        hostPath:
+          path: "/usr/bin"