Case study

Pod Security Policies (PSP) in Kubernetes

Security is at the heart of each successful Kubernetes deployment. CodiLime’s R&D Team has conducted research on how to provide a high level of security in K8s by using a powerful built-in mechanism, Pod Security Policies.


Challenge

Security is one of the top challenges related to Kubernetes deployment. According to a survey conducted by the Cloud Native Computing Foundation, 38% of respondents indicated that security was a major concern in using and deploying containers. Since, as the same survey showed, Kubernetes is also one of the most popular container-management tools, ensuring that K8s clusters are secure is of the utmost importance.


Results & benefits

  • Granular control over permissions assigned to particular users
  • Limits on granting potentially dangerous privileges that can break the functionality of pods/containers
  • Avoiding sensitive data leaks, data destruction, or takeover of the underlying hardware and OS
  • Preventing privilege escalation
  • Preventing access to certain resources

Solution

We used one of the most powerful admission controllers - Pod Security Policies (PSP) - to control the actions users can perform on a Kubernetes cluster. If you would like to know more, read our two-part blog post on making a Kubernetes cluster secure.

