Transcription of Kubernetes Hardening Guide
{{id}} {{{paragraph}}}
National Security Agency Cybersecurity and Infrastructure Security Agency Cybersecurity Technical Report < strong >Kubernetes strong > < strong >Hardening strong > < strong >Guide strong > March 2022. U/OO/168286-21. PP-22-0324. Version National Cybersecurity Security Agency and Infrastructure Security Agency < strong >Kubernetes strong > < strong >Hardening strong > Guidance Notices and history Document change history Date Version Description August 2021 Initial release March 2022 Updated guidance based on industry feedback Disclaimer of warranties and endorsement The information and opinions contained in this document are provided "as is" and without any warranties or guarantees. Reference herein to any specific commercial products, process, or service by trade name, trademark, manufacturer, or otherwise, does not necessarily constitute or imply its endorsement, recommendation, or favoring by the United States Government, and this < strong >Guide strong > shall not be used for advertising or product endorsement purposes.
Mar 15, 2022 · Use strong user authentication. Create RBAC policies with unique roles for users, administrators, developers, service accounts, and infrastructure team. Audit Logging and Threat Detection Enable audit logging (disabled by default). Persist logs to ensure availability in the case of node, Pod, or container-level failure.
Domain:
Source:
Link to this page:
Please notify us if you found a problem with this document:
{{id}} {{{paragraph}}}