Kubernetes Security Checklist |
A baseline checklist for ensuring security in Kubernetes clusters |
Securing a Kubernetes Cluster |
This document covers topics related to protecting a cluster from accidental or malicious access and provides recommendations on overall security |
Securing Kubernetes Clusters by Eliminating Risky Permissions |
How permissions are built in Kubernetes with role-based access control (RBAC) and why you should use it carefully |
Plain Kubernetes Secrets are fine |
- By creating a threat model that includes the kinds of attacks you want to mitigate, it's clear that managing secrets safely is extremely difficult
- The problem is NOT that secrets are just base64 encoded; that was never meant as a security feature. And the problem cannot be simply waved away by software/cloud providers and their flashy documentation
|
Kubernetes Hardening Tutorial |
|