Google Kubernetes Engine Best Practices: Security
When you complete this activity, you can earn the badge displayed above! View all the badges you have earned by visiting your profile page. Boost your cloud career by showing the world the skills you have developed!
In this lab you learn how to improve the security of your Kubernetes Engine by applying fine-grained restrictions to limit intra-cluster network communication.
After provisioning two service accounts to represent user personas and three namespaces for dev, test, and prod, you will test the access controls of the personals in each namespace.
warning Google Kubernetes Engine Security: Binary Authorization
This lab deploys a Kubernetes Engine Cluster with the Binary Authorization feature enabled; you'll learn how to whitelist approved container registries and the process of creating and running a signed container.
This lab demonstrates some of the security concerns of a default GKE cluster configuration and the corresponding hardening measures to prevent multiple paths of pod escape and cluster privilege escalation