Hi there,
We use Kubernetes Managed Kubernetes, and became recently concerned about the potential security vulnerability.
Access to the cluster is granted with the “kubeconfig” which contains Kubernetes API token. So the only thing it takes for anyone to get access to the entire cluster and application environment is to get content from that file.
Is there a recommended way of handling this problem? Is it possible to restrict access behind a firewall, or disable root type of access and use a solution like Teleport?
Please share your experience.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Sign up for Infrastructure as a Newsletter.
Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
This comment has been deleted