Real-World Kubernetes Security
In the previous chapter, we threat modeled Kubernetes using STRIDE. In this chapter, we'll cover a number of common security-related challenges that you're likely to encounter when implementing Kubernetes in the real world.
While we accept that every Kubernetes deployment is different, there are many similarities. As a result, the examples that we cover will affect most Kubernetes deployments, large and small.
We will not be offering cookbook style solutions. Instead, we'll be looking at things from a high-level view, similar to what a security architect does.
We'll divide the chapter into the following four sections:
- CI/CD pipeline
- Infrastructure and networking
- Identity and access management
- Security monitoring and auditing