kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
36,298 Commits 69 Branches 73 Tags 934 MiB
Commit Graph

176 Commits

Author SHA1 Message Date
Kubernetes Prow Robot aaaa6303f4
Merge pull request #37731 from sftim/20221105_tweak_psp_removal_page 
Tweak page about PodSecurityPolicy removal
 2022-11-08 11:14:19 -08:00
Tim Bannister 4e006c898d Tweak page about PSP removal 
- Remove reviewers (feature was removed)
- Use semi-custom Docsy callout to note the removal
- Stop stating that the API is deprecated; it's now actually removed.
 2022-11-05 18:22:27 +00:00
Abigail McCarthy 3174fdf2d4 Adjust page weights for /docs/concepts section 
Changes the page weights of the index files for folders in the /docs/concepts folder. There were some overlapping weights and weights that were close together.
 2022-11-04 10:13:53 -04:00
Christopher Negus 0f9b65b429 Add page weights to concepts -> security pages 2022-10-24 19:02:52 +00:00
Arhell 05a17c16fc [en] fix typo secrets-good-practices.md 2022-10-05 01:31:49 +03:00
Kubernetes Prow Robot 91ecbb977c
Merge pull request #36805 from harshchauhan1988/patch-2 
Adding recommendation for network isolation
 2022-09-30 06:54:28 -07:00
Shannon Kularathna d8132bcd35 Improve the RBAC policies section 
- Change the heading to be more goal-oriented and add an anchor
- Separate list items into 'component' and 'human' users
- Add info about get access and third-party authorization mechanisms for finer control
- Add caution for granting list access
 2022-09-22 16:07:06 +00:00
Shannon Kularathna 6ca919d4bd Add caution callout for base64 encoding 2022-09-22 16:07:06 +00:00
Shannon Kularathna 89b9c18121 Split developer content into headings and remove redundant points 
Add short description to cluster admin and dev section
 2022-09-22 16:07:06 +00:00
Shannon Kularathna 8eb3ae60f3 Move developer content below cluster admins 
Additionally, fixed a couple of markdown links to not line wrap
 2022-09-22 16:07:06 +00:00
Shannon Kularathna 502eac3635 Clean up etcd wording 2022-09-22 16:07:06 +00:00
Shannon Kularathna 4887467aa4 Add sections for cluster admins 
- Add section for encryption at rest
- Add section for RBAC
- Clean up RBAC bullets
- Move etcd bullets to own section on etcd management
- Add section for third party secret stores
 2022-09-22 16:07:06 +00:00
Shannon Kularathna 1c625d0659 Update glossary and move existing info to new page 
- Update glossary term for secrets
- Improve clarity of privileged container warning note
- Create a new page for Secrets good practices and bring existing content as-is to the page
- Add weights to pages
- Add link for good practices for secrets and remove moved content
 2022-09-22 16:07:05 +00:00
Kubernetes Prow Robot de922ae019
Merge pull request #36562 from windsonsea/secovy 
Fix typo and consistency: /security/overview.md
 2022-09-18 11:12:29 -07:00
harshchauhan1988 8ab4ebb376
Adding recommendation for network isolation 2022-09-14 15:00:14 +05:30
Kubernetes Prow Robot 5ada01a5ce
Merge pull request #36343 from tallclair/workload-creation 
Update RBAC best practices for workload creation
 2022-09-07 09:18:37 -07:00
Qiming Teng 0df6c75da0 Reformat multi-tenancy page 
When translating/synchronizing changes to the multi-tenancy page, we
found that the long lines are difficult for change tracking. This PR
changes nothing other than manually wrapping the long lines.
 2022-09-06 13:12:14 +08:00
windsonsea 922aed0bf8 Fix typo and consistency: /security/overview.md 2022-09-03 22:43:12 +08:00
liufangwai 7e23b9e97d
Update overview.md 
Add huawei cloud trust center link
 2022-09-03 17:45:26 +08:00
mtardy 32e47b31bb Fix a few mini typos in the API bypass security page 2022-09-02 19:41:24 +02:00
Kubernetes Prow Robot 09707c0aef
Merge pull request #35908 from raesene/main 
New Docs page for API Server Bypass Risks
 2022-09-02 09:14:06 -07:00
Kubernetes Prow Robot a5e96bfbc5
Merge pull request #33992 from mtardy/security-checklist 
Add a security checklist for clusters
 2022-09-01 13:13:19 -07:00
mtardy 9f5a35978f RBAC guide is presented as a checklist item 2022-09-01 11:44:55 +02:00
mtardy eb962b4c12 Rewrite the part on the Pod Security standards and admission 2022-09-01 11:43:28 +02:00
Mahé a4305381fb
Reword the service mesh suggestion 2022-08-31 18:29:59 +02:00
Mahé d4fcf2fc7c
Reword the secret injection suggestion 2022-08-31 18:29:43 +02:00
mtardy f14a7544e5 Rewrite the admission plugins list 2022-08-31 18:26:49 +02:00
mtardy 239dc4c2fe Fix a typo on the word securely 2022-08-31 17:54:20 +02:00
mtardy c006a43f97 Replace a wrong unicode space character 2022-08-31 17:51:51 +02:00
mtardy 63ae0a9521 Split checklist item and explanation 2022-08-31 17:38:42 +02:00
mtardy d40e9cfa89 Remove an empty line 2022-08-31 17:37:01 +02:00
Mahé 2f8388e830
Add precision about pod security with pod security standards 
Co-authored-by: Rey Lejano <rlejano@gmail.com>
 2022-08-31 17:35:03 +02:00
mtardy 0e81bfd8ef Detail and add info on the CPU and memory limit item 2022-08-31 17:32:00 +02:00
mtardy 7139aba954 Add some guidelines on how to read the doc 2022-08-31 17:17:56 +02:00
Mahé 949e499db3
Rewrite the checklist item on minimal container images 2022-08-31 16:55:31 +02:00
Mahé 5167ab5c88
Use correct name for PodSecurityPolicy admission controller 2022-08-31 16:55:05 +02:00
Mahé 777d396905
Remove warning on PodSecurityPolicy removal in 1.25 2022-08-31 16:54:30 +02:00
Tim Allclair 19894182dc Explain namespace subdividing better 2022-08-29 15:14:28 -07:00
Tim Allclair 6162bcde28 Update RBAC best practices for workload creation 2022-08-26 16:46:27 -07:00
Rory McCune 49bc9b34eb New docs page for API Server Bypass Risks 
New Docs page for API Server Bypass Risks

This is a new documentation page for the Security Concepts section, looking at the risks of attackers bypassing the Kubernetes API server.

We've been working on this in Kubernetes SIG-Security docs (issue [here](https://github.com/kubernetes/sig-security/issues/42))

Co-Authored-By: Shannon Kularathna <ax3shannonkularathna@gmail.com>
Co-Authored-By: Qiming Teng <tengqm@outlook.com>
Co-Authored-By: Tim Bannister <tim@scalefactory.com>
Co-Authored-By: Jordan Liggitt <jordan@liggitt.net>
 2022-08-25 17:25:58 +01:00
Kubernetes Prow Robot 56e78c2011
Merge pull request #34920 from mk46/en_crlftolf 
Convert CRLF to LF
 2022-08-24 14:15:50 -07:00
Kubernetes Prow Robot 28b1854383
Merge pull request #36198 from davidmlentz/patch-2 
Fix typo
 2022-08-23 21:57:48 -07:00
David M. Lentz 603f810903
Fix typo 
There are redundant instances of "future" in this sentence.
 2022-08-23 14:43:41 -06:00
Kubernetes Prow Robot c4a36a8067
Merge pull request #36165 from cathchu/merged-main-dev-1.25 
Merged main branch into dev-1.25
 2022-08-22 15:12:09 -07:00
cathchu e5ea8833be Merge remote-tracking branch 'upstream/main' into dev-1.25 2022-08-22 08:35:18 -04:00
Stanislav Kardashov a3064b1a36
[en] typo fix "privilge -> privilege" 2022-08-19 16:37:47 +03:00
ravisantoshgudimetla a1f6615206 Update pod security standards to use PodOS field 2022-08-18 15:47:41 -04:00
Jordan Liggitt b167938367 Scrub PSP docs for 1.25 2022-08-15 21:09:41 -04:00
Kubernetes Prow Robot 1476ac9203
Merge pull request #35618 from tallclair/psa-stable-1.25 
Update Pod Security Admission docs for graduation to stable
 2022-08-14 12:34:13 -07:00
mtardy b3a7965e3e Add the security checklist guide 
From the collaborative document with Savitha, Skybound and p4ck3t0,
after many edits thanks to the collaborators on the PR.

Co-authored-by: rschosser <88308339+rschosser@users.noreply.github.com>
Co-authored-by: Cailyn <cailyn.s.e@gmail.com>
Co-authored-by: Tim Bannister <tim@scalefactory.com>
Co-authored-by: Rey Lejano <rlejano@gmail.com>
Co-authored-by: Benjamin Koltermann <48812495+p4ck3t0@users.noreply.github.com>
Co-authored-by: Skybound1 <github@skybound.link>
Co-authored-by: divya-mohan0209 <divya.mohan0209@gmail.com>
 2022-08-12 11:22:14 +02:00