sg-aks-workshop/validate-scenarios
Kevin Harris 1a4f21cb72 Added governance and security pieces. 2019-10-21 15:56:35 -05:00

README.md

Validate Scenarios

Now that we have implemented everything, let's go back and revisit our requirements and make sure they have been met.

Requirements

  • Leverage Existing Identity Mgmt Solution

  • Implement Security Least Privilege Principle

  • Log Everything for Audit Reporting purposes

  • Ensure Security Controls are being met (No Drifting)

  • Monitoring and Alerting Events

    • Alert when SSH into Container
    • Passwords are stored in ConfigMaps
    • Non-conformative K8s Namespace Added
  • Integrate with Existing SIEM

  • Deploy into Existing VNET with Ingress and Egress Restrictions

  • Container Registry Whitelisting

  • Ability to Chargeback to Line of Business

  • Secrets Mgmt

  • Container Image Mgmt

  • Restrict Creation of Public IPs

  • Implement & Deploy Image Processing Application

  • Easily roll out new versions of Application

Next Steps

Thought Leadership

  • ???