Kubernetes manifests

Kubernetes IaC coverage includes:

• *.yaml, *.yml (manifests, Helm-rendered YAML, basic K8s resources)
• Controls like:
  • privileged containers
  • hostPath mounts
  • missing resource limits
  • unsafe securityContext
  • public services / risky ingress configs

Where this fits

• If the finding is in repo YAML, it appears under Sttor Code → IaC Security.
• (Separate from) cluster posture checks under Sttor Kubernetes which apply to what’s actually running.