Links and resources for the O'Reilly Kubernetes Security book

k8s-sec/k8s-sec.github.io


Hello and welcome to Kubernetes Security, the resource center for the O'Reilly book on this topic by Liz Rice and Michael Hausenblas.

Kubernetes Security book cover

In the book we explore security concepts including defense in depth, least privilege, and limiting the attack surface. We discuss and show how to secure clusters, and you'll also learn how Kubernetes uses authentication and authorization. The book will teach you how to secure container images against known vulnerabilities and abuse by third parties, enforce policies on the container runtime level as well as the networking level, and give you the rundown on how to handle sensitive information such as credentials.

Table of contents


Securing the cluster

Relevant pages in the official Kubernetes documentation:

Further reading:

Tooling:

Authentication and authorization

Introductions and overview resources for authn & authz in Kubernetes:

Tooling:

  • jwt.io
  • kubeadm
  • kubectl-who-can - a kubectl plugin for seeing which identities have permission to perform a given action on a given set of resources

Authentication

Relevant pages in the official Kubernetes documentation:

Further reading:

Tooling:

Authorization

Relevant pages in the official Kubernetes documentation:

Further reading:

Tooling:

Securing your container images

Further reading:

Tooling:

Running containers securely

Relevant pages in the official Kubernetes documentation:

Further reading:

Tooling:

Secrets management

Relevant pages in the official Kubernetes documentation:

Further reading:

Tooling:

Advanced topics

Tooling:

References

Official Kubernetes documentation

API and resource references relevant to security (Kubernetes v1.19) docs:

Useful kubectl commands

  • kubectl create secret (docs)
  • kubectl create serviceaccount (docs)
  • kubectl create role (docs)
  • kubectl create rolebinding (docs)
  • kubectl auth can-i (docs)

Providers


The logo uses a padlock icon by Freepik from www.flaticon.com and the Kubernetes logo, kudos to the CNCF, The Linux Foundation.
