Prerequisites
- A Kubernetes cluster (EKS, GKE, AKS, or any CNCF-conformant cluster)
kubectl configured and pointing at your cluster- A ChangeGuard account (sign up free)
Step 1: Get your API key
After signing up, your API key is shown once on the confirmation screen. If you need a new one, go to Integrations → API Keys → Create Key.
Save your API key immediately — it cannot be retrieved after creation. Only the prefix is stored.
Step 2: Install the agent
curl -sL https://install.changeguard.ai | bash -s -- \
--api-key YOUR_API_KEY \
--cluster my-cluster-name
- A
changeguard-agent namespace
- A Kubernetes Secret with your configuration
- RBAC roles (read-only access to cluster resources)
- The agent Deployment (single pod, ~50MB memory)
Step 3: Verify
Check the agent is running:
kubectl logs -n changeguard-agent -l app=changeguard-agent --tail=5
[push] OK: pods=24 nodes=3 deploys=12 score=87 | 45KB→4KB (10.2x) | 23ms
Step 4: View your dashboard
Go to app.changeguard.ai and log in. Your cluster appears in the dropdown within 10 seconds.
Optional flags
| Flag | Default | Description |
|---|
--provider | Kubernetes | EKS, GKE, AKS, or Kubernetes |
--region | auto-detect | Cluster region (e.g., us-east-1) |
--version | v2.4.0 | Agent image version |
--namespace | changeguard-agent | Namespace for the agent |
Uninstall
kubectl delete namespace changeguard-agent
kubectl delete clusterrole,clusterrolebinding changeguard-agent
