Zora Dashboard¶
Zora Dashboard is a SaaS platform designed to seamlessly centralize the security posture management of all your Kubernetes clusters, providing a full experience powered by Zora OSS.
It features a powerful UI that allows you to navigate, filter and explore details of issues and affected resources across all your clusters. You can also invite users to your workspace.
Zora Dashboard offers a starter plan for 14 days, after which it will revert to the free plan which provides access for 2 clusters with up to 10 nodes per cluster. Please contact us if you need to discuss a tailored solution.
Getting started¶
To integrate your Zora OSS installation with Zora Dashboard, you need to first authenticate with the authorization server and then provide your saas.workspaceID
parameter in the Zora OSS installation command.
Authenticating with the Authorization server¶
Authenticating with the authorization server is simplified through the use of a helm plugin, zoraauth
, which can be installed by executing
helm plugin install https://github.com/undistro/helm-zoraauth
helm plugin update zoraauth
Connect cluster
option once you have signed in to the Zora Dashboard.
To authenticate with the authorization server, copy and run the helm zoraauth
command and then follow the instructions within your terminal
helm zoraauth --audience="zora_prod" \
--client-id="<client id>" \
--domain="login.undistro.io"
Initiating Device Authorization Flow...
Please visit https://login.undistro.io/activate and enter code: BFNS-NWFF, or visit: https://login.undistro.io/activate?user_code=BFNS-NWFF
Once you have confirmed the request you should see the following message on your terminal
Tokens saved to tokens.yaml
You can then install or upgrade Zora OSS by providing the saas.workspaceID
parameter in the Zora OSS installation command:
helm repo add undistro https://charts.undistro.io --force-update
helm repo update undistro
helm upgrade --install zora undistro/zora \
-n zora-system --create-namespace --wait \
--set clusterName="$(kubectl config current-context)" \
--set saas.workspaceID=<YOUR WORKSPACE ID HERE> \
--values tokens.yaml
helm upgrade --install zora oci://ghcr.io/undistro/helm-charts/zora \
-n zora-system --create-namespace --wait \
--set clusterName="$(kubectl config current-context)" \
--set saas.workspaceID=<YOUR WORKSPACE ID HERE> \
--values tokens.yaml
Architecture¶
Zora OSS acts as the engine of Zora Dashboard, meaning that once scans are completed, only the results are sent to Zora Dashboard, where they are accessible by you and those you have invited to your workspace.
Note that these results do not contain sensitive information or specific data about your cluster configuration.