Add your Kubernetes environment

You can add a native Kubernetes cluster to Sophos Cloud Optix by running the script Sophos provides.

Note: A "native" cluster is one that you have installed on servers that you own and manage. It may be hosted in the cloud, or on-premises in your own environment, and differs from Kubernetes services managed by cloud providers (AWS, Azure, GCP).
Note: Sophos Cloud Optix also supports Google Kubernetes Engine (GKE). You can add GKE clusters to Sophos Cloud Optix when you add GCP environments.
To add a Kubernetes cluster, do as follows.
  1. Click Settings (in the left-hand menu) and select Environments.
  2. Click Add New Environment.
  3. On the Add your Cloud Provider environment page, select the K8s tab.
    This shows you the script and other information you need.
  4. Use SSH to access your cluster’s master node.
    You need to be an admin for the cluster you want to add.
  5. Download the script shown on the K8s tab in Sophos Cloud Optix.
  6. Run the script using the command shown.
  7. Whitelist the IP addresses shown. You do this in the security group of your master node.
    This enables Sophos Cloud Optix to access the Kubernetes API server.
Sophos Cloud Optix will pull the inventory data, perform CIS Benchmark security best practice checks on the environment, and report any potential weaknesses.
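After step 7, it is worth confirming that the API server port is open only to the addresses shown on the K8s tab. The following check is an added example, not Sophos code. It assumes port 6443 (the kubeadm default, since this page names no port), a simplified provider-neutral rule format, and placeholder addresses from the documentation ranges.

```python
import ipaddress

API_PORT = 6443  # assumption: kubeadm default kube-apiserver port

def audit_api_ingress(rules, optix_ips, own_networks=(), port=API_PORT):
    """Return (too_broad, missing) for ingress rules that reach the API port.

    rules: dicts with "cidr", "from_port", "to_port" (hypothetical format).
    optix_ips: the addresses shown on the K8s tab.
    own_networks: your own node or admin ranges that may also reach the API.
    """
    optix = [ipaddress.ip_network(ip) for ip in optix_ips]
    allowed = optix + [ipaddress.ip_network(n) for n in own_networks]

    def inside(net, pool):
        # subnet_of() raises on mixed IPv4/IPv6, so compare versions first
        return any(net.version == p.version and net.subnet_of(p) for p in pool)

    too_broad, accepted = [], []
    for rule in rules:
        if not rule["from_port"] <= port <= rule["to_port"]:
            continue  # rule does not reach the API server port
        src = ipaddress.ip_network(rule["cidr"])
        if inside(src, allowed):
            accepted.append(src)
        else:
            too_broad.append(rule["cidr"])
    # Optix addresses that no acceptable rule covers; they would lose
    # access once the too-broad rules are removed
    missing = [str(a) for a in optix if not inside(a, accepted)]
    return too_broad, missing

# Constructed sample data: placeholders, not real Sophos addresses
OPTIX_IPS = ["203.0.113.10", "203.0.113.11"]
OWN_NETWORKS = ["10.0.0.0/16"]
RULES = [
    {"cidr": "203.0.113.10/32", "from_port": 6443, "to_port": 6443},
    {"cidr": "0.0.0.0/0", "from_port": 6443, "to_port": 6443},
    {"cidr": "10.0.0.0/16", "from_port": 0, "to_port": 65535},
    {"cidr": "0.0.0.0/0", "from_port": 443, "to_port": 443},
]

if __name__ == "__main__":
    too_broad, missing = audit_api_ingress(RULES, OPTIX_IPS, OWN_NETWORKS)
    print("Sources to remove or narrow:", too_broad)
    print("Optix addresses still to add:", missing)
```

Replace the sample rules with an export of the master node's security group, mapped to the same three fields.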