From the course: Kubernetes and Cloud Native Security Associate (KCSA) Cert Prep

What is infrastructure security?

Now, from an infrastructure security perspective, it's going to be a little bit different, but at the same time the same in many ways. So first, network access to the API server. You want to ensure that whoever is hitting the API server, whether they're running kubectl apply or kubectl get, is supposed to have access, network access to the nodes themselves, which ultimately they should only be accepting connections via network access and control list. We're going to be talking about network policies and how we can handle that later on. Kubernetes access to the cloud provider API, which is going to be managed Kubernetes services, access to etcd, which is the database for Kubernetes, the data store, and then encrypting etcd. Now what I will say is this, for example, access to etcd. You're not managing etcd when it comes to a managed Kubernetes service like AKS, EKS, GKE, but you still of course have the ability to specify who has access to what components, what nodes have access, what…
