5 important security settings you need to review for your GKE clusters
There are some very important settings related to security that you should regularly review in your Google Kubernetes Engine based K8S clusters Riyaz Walikar
Category: academy
-
![There are some very important settings related to security that you should regularly review in your Google Kubernetes Engine based K8S clusters Riyaz Walikar]()
-
![AWS IAM Roles Anywhere is a feature that allows non AWS workloads (servers, containers, apps etc.) to obtain temporary security credentials in IAM. These workloads can use the same IAM policies and IAM roles that AWS compute resources use with AWS applications to access AWS cloud.]()
Allowing non AWS workloads to access AWS services using AWS IAM Roles Anywhere
AWS IAM Roles Anywhere is a feature that allows non AWS workloads (servers, containers, apps etc.) to obtain temporary security credentials in IAM. These workloads can use the same IAM policies and IAM roles that AWS compute resources use with AWS applications to access AWS cloud.
-
![Having an access key for the Root user poses the risk of being misused or stolen, since this user has unrestricted access in the account. If your Root user also has access keys that you would like to remove, here is a step-by-step guide to do so.]()
How to remove AWS Root user access keys
Having an access key for the Root user poses the risk of being misused or stolen, since this user has unrestricted access in the account. If your Root user also has access keys that you would like to remove, here is a step-by-step guide to do so.
-
![Having IMDSv1 enabled on your instances allows attackers to use vulnerabilities like SSRF to gain access to sensitive information of your instances. In this article we will walk through the steps to update an EC2 instance from IMDSv1 to IMDSv2 using AWS CLI.]()
How to update IMDSv1 to more secure IMDSv2 on AWS
Having IMDSv1 enabled on your instances allows attackers to use vulnerabilities like SSRF to gain access to sensitive information of your instances. In this article we will walk through the steps to update an EC2 instance from IMDSv1 to IMDSv2 using AWS CLI.
-
![AWS IAM Roles Anywhere is a feature that allows non AWS workloads (servers, containers, apps etc.) to obtain temporary security credentials in IAM. These workloads can use the same IAM policies and IAM roles that AWS compute resources use with AWS applications to access AWS cloud.]()
Allowing non AWS workloads to access AWS services using AWS IAM Roles Anywhere
AWS IAM Roles Anywhere is a feature that allows non AWS workloads (servers, containers, apps etc.) to obtain temporary security credentials in IAM. These workloads can use the same IAM policies and IAM roles that AWS compute resources use with AWS applications to access AWS cloud.
-
![Unencrypted database connections allow attackers on the network to perform man-in-the-middle attacks that can be used to steal information and even modify data. In this article we will take a quick look at how to enable encryption for incoming connections on CloudSQL databases.]()
Enforce SSL/TLS for all incoming connections on CloudSQL Database Instances
Unencrypted database connections allow attackers on the network to perform man-in-the-middle attacks that can be used to steal information and even modify data. In this article we will take a quick look at how to enable encryption for incoming connections on CloudSQL databases.
