Cluster Configuration Audits
Cluster Configuration Audit Reports under Security > Cluster Security > Configuration Audits show cluster-wide configuration audit security assessments. Unlike Namespace Configuration Audits, the scope is the whole cluster, not a single namespace. You can open each report to see failed checks, descriptions, and remediation steps. Reports are generated by Trivy; they appear in the list once cluster resources have been scanned.
Cluster Configuration Audit Reportsβ
The page title is Cluster Configuration Audit Reports, with a short description: Cluster-wide configuration audit security assessments. There is no namespace filter β the list covers all audited entities at cluster level.
Tableβ
Use the Columns control (e.g. "Columns 7") above the table to choose which columns are visible. The table includes:
| Column | Description |
|---|---|
| Name | Name of the audited cluster resource or entity. |
| Critical | Number of critical findings. |
| High | Number of high-severity findings. |
| Medium | Number of medium-severity findings. |
| Low | Number of low-severity findings. |
| Total Checks | Total number of checks run. |
If no cluster configuration audit reports exist yet, the page shows a message that no reports were found and that Trivy cluster configuration audit reports will appear here once cluster resources are scanned. Pagination at the bottom (e.g. "Rows per page: 25", "0 of 0") and navigation arrows let you move through the list when reports are present. Each row typically has an action (e.g. eye icon) to open Audit Details.
Audit Detailsβ
When you open a report, the breadcrumbs show Security > Cluster Security > Configuration Audits > Audit Details. The detail view follows the same pattern as Namespace Configuration Audits: a header with the audited resource, scan summary (checks passed/failed, scanner version, last scan), severity counts, and a table of findings. You can filter by Severity and Status, and expand each row to see Description, Messages, and Remediation. The only difference is that the audit applies to cluster-level resources rather than a single namespace.