You're reading from Kubernetes Secrets Handbook Design, implement, and maintain production-grade Kubernetes Secrets management solutions

Product type Paperback

Published in Jan 2024

Publisher

ISBN-13 9781805123224

Length 294 pages

Edition 1st Edition

Tools

Kubernetes

Concepts

Design

Authors (3):

Chen Xi

Emmanouil Gkatziouras

Rom Adams

Preface

1. Part 1:Introduction to Kubernetes Secrets Management FREE CHAPTER

2. Chapter 1: Understanding Kubernetes Secrets Management

3. Chapter 2: Walking through Kubernetes Secrets Management Concepts

4. Chapter 3: Encrypting Secrets the Kubernetes-Native Way

5. Chapter 4: Debugging and Troubleshooting Kubernetes Secrets

6. Part 2: Advanced Topics – Kubernetes Secrets in a Production Environment

7. Chapter 5: Security, Auditing, and Compliance

8. Chapter 6: Disaster Recovery and Backups

9. Chapter 7: Challenges and Risks in Managing Secrets

10. Part 3: Kubernetes Secrets Providers

11. Chapter 8: Exploring Cloud Secret Store on AWS

12. Chapter 9: Exploring Cloud Secret Store on Azure

13. Chapter 10: Exploring Cloud Secret Store on GCP

14. Chapter 11: Exploring External Secret Stores

15. Chapter 12: Integrating with Secret Stores

16. Chapter 13: Case Studies and Real-World Examples

17. Chapter 14: Conclusion and the Future of Kubernetes Secrets Management

18. Index

19. Other Books You May Enjoy

Security guidance for backup

Once we have decided on a backup strategy, it is essential to comply with certain guidelines that ensure the security of our backups:

Isolated environment with access control: To prevent unauthorized access, restrict access to the backup environment. Restricting access can be achieved with the following:
- IP whitelisting: Only allow specific IPs to access the backup storage, especially if it’s external.
- User access control: Differentiate between general users and admins. Use roles and permissions to grant differential access.
- Access through a VPN: Access to the resources that contain the backups should be permitted for individuals who are on the same network.
- Zero trust model: Implement a zero trust security model where no user or device is trusted by default, whether inside or outside the network.
At rest encryption with rotatable encryption keys: Encrypt backups when stored. Always use modern encryption standards. Regularly rotate the encryption...

The rest of the chapter is locked