We use Kubernetes Managed Kubernetes, and became recently concerned about the potential security vulnerability.
Access to the cluster is granted with the “kubeconfig” which contains Kubernetes API token. So the only thing it takes for anyone to get access to the entire cluster and application environment is to get content from that file.
Is there a recommended way of handling this problem? Is it possible to restrict access behind a firewall, or disable root type of access and use a solution like Teleport?
Please share your experience.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!