Kubernetes Secrets Handbook
Packt Publishing Limited (Verlag)
978-1-80512-322-4 (ISBN)
Key Features
Master Secrets encryption, encompassing complex life cycles, key rotation, access control, backup, and recovery
Build your skills to audit Secrets consumption, troubleshoot, and optimize for efficiency and compliance
Learn how to manage Secrets through real-world cases, strengthening your applications’ security posture
Purchase of the print or Kindle book includes a free PDF eBook
Book DescriptionSecuring Secrets in containerized apps poses a significant challenge for Kubernetes IT professionals. This book tackles the critical task of safeguarding sensitive data, addressing the limitations of Kubernetes encryption, and establishing a robust Secrets management system for heightened security for Kubernetes.
Starting with the fundamental Kubernetes architecture principles and how they apply to the design of Secrets management, this book delves into advanced Kubernetes concepts such as hands-on security, compliance, risk mitigation, disaster recovery, and backup strategies. With the help of practical, real-world guidance, you’ll learn how to mitigate risks and establish robust Secrets management as you explore different types of external secret stores, configure them in Kubernetes, and integrate them with existing Secrets management solutions.
Further, you'll design, implement, and operate a secure method of managing sensitive payload by leveraging real use cases in an iterative process to enhance skills, practices, and analytical thinking, progressively strengthening the security posture with each solution.
By the end of this book, you'll have a rock-solid Secrets management solution to run your business-critical applications in a hybrid multi-cloud scenario, addressing operational risks, compliance, and controls.What you will learn
Explore Kubernetes Secrets, related API objects, and CRUD operations
Understand the Kubernetes Secrets limitations, attack vectors, and mitigation strategies
Explore encryption at rest and external secret stores
Build and operate a production-grade solution with a focus on business continuity
Integrate a Secrets Management solution in your CI/CD pipelines
Conduct continuous assessments of the risks and vulnerabilities for each solution
Draw insights from use cases implemented by large organizations
Gain an overview of the latest and upcoming Secrets management trends
Who this book is forThis handbook is a comprehensive reference for IT professionals to design, implement, operate, and audit Secrets in applications and platforms running on Kubernetes. For developer, platform, and security teams experienced with containers, this Secrets management guide offers a progressive path—from foundations to implementation—with a security-first mindset. You’ll also find this book useful if you work with hybrid multi-cloud Kubernetes platforms for organizations concerned with governance and compliance requirements.
Emmanouil Gkatziouras started his career in software as a Java developer. Since 2015, he has worked daily with cloud providers such as GCP, AWS and Azure, and container orchestration tools such as Kubernetes. He has fulfilled many roles, either in lead positions or as an individual contributor. He enjoys being a versatile engineer and collaborating with development, platform, and architecture teams. He loves to give back to the developer community by contributing to open-source projects and by blogging on various software topics. He is committed to continuous learning and is a holder of certifications such as CKA, CCDAK, PSM, CKAD, and PSO. He is the author of ‘A Developer's Essential Guide to Docker Compose'. Rom Adams (né Romuald Vandepoel) is an open-source and C-Suite advisor with 20 years of experience in the IT industry. He is a cloud-native expert who helps organizations to modernize and transform with open-source solutions. He is advising companies and lawmakers on their open- and inner-source strategies. Previously, a Principal Architect at Ondat, a cloud-native storage company acquired by Akamai, where he designed products and hybrid cloud solutions and held roles at Tyco, NetApp, and Red Hat becoming a subject matter expert in hybrid cloud. He was moderator and speaker for several events, sharing his insights on culture, process, technology adoption, and passion about open innovation. Chen Xi is a highly skilled Uber Platform Engineer. As a Tech Leader, he contributed to the Secret and Key Management Platform service, leading and delivering secrets as a service with a 99.99% SLA for thousands of Uber container services across hybrid environments. His cloud infrastructure prowess is evident from his work on Google Kubernetes Engine (GKE) and the integration of Spire-based PKI systems. Prior to joining Uber, he worked at VMware, where he developed microservices for VMware's Hybrid Kubernetes management platform (Tanzu Mission Control) and VMware Kubernetes Engine for multi-cloud (Cloud PKS). Chen is also a contributing author to the Certified Kubernetes Security Specialist (CKS) exam.
Table of Contents
Understanding Kubernetes Secret Management
Walking through Kubernetes Secret Management Concepts
Encrypting secrets in transit and at rest
Debugging and Troubleshooting Kubernetes Secrets
Security, Auditing and Compliance
Disaster Recovery and Backups
Challenges and Risk for Managing Secrets in Kubernetes Production Environment
Exploring Secret Storage on AWS
Exploring Secret Storage on Azure
Exploring Secret Storage on GCP
Exploring External Secret Store
Integrating with Secret Stores
Case Studies and Real-World Examples
Conclusion and Future of Kubernetes Secret Management
| Erscheinungsdatum | 28.12.2023 |
|---|---|
| Vorwort | Chris Jenkins |
| Verlagsort | Birmingham |
| Sprache | englisch |
| Maße | 191 x 235 mm |
| Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
| Mathematik / Informatik ► Informatik ► Theorie / Studium | |
| ISBN-10 | 1-80512-322-X / 180512322X |
| ISBN-13 | 978-1-80512-322-4 / 9781805123224 |
| Zustand | Neuware |
| Haben Sie eine Frage zum Produkt? |
aus dem Bereich
