Kubernetes or containerize technology is the new trend of system deployment and application development. Developers can focus on developing their unique features with zero worries about their application compatibility on different computer systems. However, there are always will be vulnerabilities or risks existing in the system even in Kubernetes. To avoid vulnerabilities, keeping your Kubernetes to the updated version is a must. Besides upgrading your Kubernetes, we can do more to enhance security by hardening the system.
How can we know to harden the Kubernetes? – the guide
About how to harden the Kubernetes to enhance the security, there are some useful guides can use for our reference. One of the useful hardening guides must be the “Kubernetes Hardening Guide” written by the National Security Agency. It was published in Aug 2021 and updated in Mar 2022 with version 1.1.
You can find the full guide with this link:
https://media.defense.gov/2021/Aug/03/2002820425/-1/-1/1/CTR_KUBERNETES HARDENING GUIDANCE.PDF
As an introduction post, let us quickly introduce the menu of this guide
- Threat model
- Kubernetes Pod security
- Network separation and hardening
- Authentication and authorization
- Audit Logging and Threat Detection
- Upgrading and application security practices
- Works Cited
- And a lot Appendix…
In the next post, we will continue to introduce this guide and how can we keep our AKS with enhanced security.
Chris Wan
Microsoft Certified Trainer (MCT)
Application Architect, SOS Group Limited