# Security Primer
Kubernetes security is a layered discipline, not a single feature.
A practical model is to protect each layer of the stack and assume controls can fail independently.
## Major risk areas
- excessive RBAC permissions
- privileged or poorly constrained containers
- weak image supply-chain controls
- unrestricted lateral network traffic
- missing audit visibility and incident response readiness
## 4-layer security model
| Layer | Focus | Example controls |
|---|---|---|
| Cloud | account and infrastructure boundary | IAM, network segmentation, KMS, managed audit logs |
| Cluster | control plane and policy | RBAC, admission controls, etcd encryption, API audit logs |
| Workload | pod and container runtime | pod security standards, security context, network policy |
| Application | code and dependencies | dependency scanning, secrets hygiene, secure SDLC |
## Security operating baseline
- enforce least privilege access
- harden workload defaults
- restrict unnecessary east-west traffic
- verify artifact integrity before deploy
- collect and retain actionable audit and runtime telemetry
## Security in the delivery pipeline
Security should run before deploy, not only after incidents.
Recommended controls in CI and CD:
- manifest linting and policy checks
- image scanning and signing
- admission policy verification
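As an added example (not code from this page or any specific project), here is a manifest policy check of the kind the "manifest linting and policy checks" step would run in CI, covering the workload hardening defaults listed above; the rule set, the helper names and the sample manifests are assumptions that approximate the Pod Security Standards restricted profile plus a digest-pinning rule.

```python
# Added example, not from the page: a manifest policy check of the kind a CI
# "manifest linting" step runs before deploy. It takes an already-parsed manifest
# (a dict), so no YAML library is needed; a pipeline would load the YAML first.
# Rules approximate the Pod Security Standards "restricted" profile plus one
# supply-chain rule (image pinned by digest). All manifest contents are constructed.

def check_container(c, pod_sc):
    """Violations for one container; pod_sc is the pod-level securityContext."""
    name, sc, v = c.get("name", "?"), c.get("securityContext") or {}, []
    if sc.get("privileged"):
        v.append(f"{name}: privileged container")
    if sc.get("allowPrivilegeEscalation", True):  # Kubernetes defaults this to true
        v.append(f"{name}: allowPrivilegeEscalation must be false")
    if not sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot", False)):  # container overrides pod
        v.append(f"{name}: runAsNonRoot must be true")
    if "ALL" not in ((sc.get("capabilities") or {}).get("drop") or []):
        v.append(f"{name}: must drop ALL capabilities")
    if "@sha256:" not in c.get("image", ""):
        v.append(f"{name}: image must be pinned by digest, not a mutable tag")
    return v

def check_manifest(manifest):
    """Violations for a Pod, or for any workload kind carrying a pod template."""
    spec = manifest["spec"]
    if manifest.get("kind") != "Pod":
        spec = spec["template"]["spec"]
    v = []
    if spec.get("hostNetwork") or spec.get("hostPID") or spec.get("hostIPC"):
        v.append("pod: host namespaces (hostNetwork/hostPID/hostIPC) must be false")
    pod_sc = spec.get("securityContext") or {}
    for c in spec.get("containers", []) + spec.get("initContainers", []):
        v.extend(check_container(c, pod_sc))
    return v

# Constructed sample: a weak Deployment beside its hardened form.
WEAK = {"kind": "Deployment", "spec": {"template": {"spec": {
    "hostNetwork": True,
    "containers": [{"name": "app", "image": "registry.example/app:latest",
                    "securityContext": {"privileged": True}}]}}}}

HARDENED = {"kind": "Deployment", "spec": {"template": {"spec": {
    "securityContext": {"runAsNonRoot": True},
    "containers": [{"name": "app",
                    "image": "registry.example/app@sha256:" + "0" * 64,  # placeholder digest
                    "securityContext": {"allowPrivilegeEscalation": False,
                                        "readOnlyRootFilesystem": True,
                                        "capabilities": {"drop": ["ALL"]}}}]}}}}
```

Running `check_manifest(WEAK)` returns six violations (host namespace plus five container findings), while `check_manifest(HARDENED)` returns an empty list, which is the gate condition a pipeline would enforce before deploy.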
## Continuous improvement loop
- review new cluster and namespace permissions regularly
- test incident response playbooks
- patch and rotate credentials on a schedule
- run periodic architecture threat reviews
## Summary
Secure Kubernetes operations come from consistent controls across identity, runtime, network, and supply chain. Treat security as an operational system, not a one-time project.