...

          DevOps (Infrastructure as Code, Automatic deployments of config changes)


Security

Securing your cloud assets requires continuous investment in keeping your containers safe. An infamous example of misconfigured Kubernetes is Tesla's unsecured admin console for a Kubernetes cluster (https://www.wired.com/story/cryptojacking-tesla-amazon-cloud/). This led to malicious actors getting hold of credentials for Tesla's wider AWS environment and using it for cryptomining. Tesla highlighted that it was "only" a test instance, but this incident shows why it is really important to secure both production and pre-production resources as far as possible:

  • Do not use insecure keys.
  • Do not open up network configuration inappropriately on test instances because they are "just" test instances.

The bottom line is to check that any Kubernetes instances you manage are appropriately secured. Using a cloud-managed Kubernetes platform (AKS, EKS, GKE) will generally make this easier and give you more confidence than running your own cluster, as the cloud provider takes care of many aspects of configuration. Regardless, be aware that running a Kubernetes cluster well and securely is a big undertaking that requires serious, proactive and ongoing effort to keep things secure and maintained.

Best practices & recommendations

...