...
Bottom line is to ensure / check any Kubernetes instances you manage are appropriately secured. Use of cloud managed Kubernetes platforms (AKS, EKS, GKE) will generally make this easier and give you more confidence compared to situations where you have to run your own cluster, as the cloud provider will take care of many aspects of configuration. But regardless, be aware that running a Kubernetes cluster well and securely is a big undertaking that requires serious, proactive and ongoing effort to keep things secure and maintained.
DevOps
It is possible to use DevOps techniques to automaticlly test and deploy Delf-FEWS configuration changes. See the following example on how to use Azure DevOps in combincation with the Workflow Test Runner and the Admin Interface API to automatically deploy the tested configuration:
Workflow Test Runner in Azure Devops
Best practices
https://cheatsheetseries.owasp.org/cheatsheets/Kubernetes_Security_Cheat_Sheet.html
https://cloudsecdocs.com/container_security/defensive/kubernetes/k8s_production_checklist/
https://media.defense.gov/2021/Aug/03/2002820425/-1/-1/1/CTR_KUBERNETES%20HARDENING%20GUIDANCE.PDF
DevOps
It is possible to use DevOps techniques to automaticlly test and deploy Delf-FEWS configuration changes. See the following example on how to use Azure DevOps in combincation with the Workflow Test Runner and the Admin Interface API to automatically deploy the tested configuration:
Workflow Test Runner in Azure Devops
Examples
Deltares has successfully completed Delft-FEWS projects in the cloud with virtual machines using standard installation scripts, using virtual machines with Azure ARM templates and AWS Elastic Beanstalk. For practical reasons, will keep our requirements / installation instructions as cloud neutral as possible.
...