Latest News
Learn AWS EKS Kubernetes cluster and devops in AWS (Part 1)
Starting AWS EKS cluster manually in AWS web console
CKS Kubesec - Security risk analysis for Kubernetes resources
Static Analysis; manual approach; kubesec; OPA Conftest; Notes; can be incorporated in CI/CD system; looks at source code and text files; check against rules; enforce rules e.
CKS Image Footprint
Run a specific version; do not run as root; no shell; read-only filesystem. This would be an ideal example of a Dockerfile
OPA - Gatekeeper
OPA is not Kubernetes-specific; it is a general-purpose policy engine. An admission controller is a piece of code that intercepts requests to the Kubernetes API server prior to persistence of the object, but after the request is authenticated and authorized.
CKS OS Level Security Domains
Define privilege and access control for Pod/Container: userID and GroupID; run privileged or unprivileged; Linux Capabilities. Run a simple container and check user and group: root@scw-k8s:~# k run pod --image=busybox --command -oyaml --dry-run=client -- sh -c 'sleep 1d' > bb.
How to pre-commit hook
How to create pre-commit hooks in git repos: - repo: https://github.