docs: add security considerations #909
Conversation
|
docs/docs/security-considerations.md
Outdated
| Thus, it's not possible to disambiguate, for example, pods spawned from a deployment, or to limit the amount of certificates issued per policy. | ||
|
|
||
| Container image references from Kubernetes resource definitions are taken into account when generating the policy. | ||
| A mutable reference may lead to policy failures or unverified image content, depending on the Contrast runtime. |
There was a problem hiding this comment.
We should probably try to catch this and either log a warning or abort entirely.
There was a problem hiding this comment.
Agreed, but I'd lean towards keeping the advice here for now and remove it once we agreed on a path forward (which is not obvious, considering other methods of integrity protection, like the tardev snapshotter or signed images).
There was a problem hiding this comment.
For sure, implementing that would be way out of the scope of this pr.
burgerdev
force-pushed
the
burgerdev/security-considerations
branch
2 times, most recently
from
69fb22d
to
35ff1cb
Compare
|
All feedback addressed. |
docs/docs/security-considerations.md
Outdated
| Container image references from Kubernetes resource definitions are taken into account when generating the policy. | ||
| A mutable reference may lead to policy failures or unverified image content, depending on the Contrast runtime. | ||
| Reliability and security can only be ensured with a full image reference, including digest. | ||
| The [`docker pull` documentation] explains pinned image references in detail. |
There was a problem hiding this comment.
That's a shortcut reference link. I like that it does not interrupt the sentence in the markdown source.
Co-authored-by: Tom Dohrmann <[email protected]> Co-authored-by: Moritz Eckert <[email protected]>
burgerdev
force-pushed
the
burgerdev/security-considerations
branch
from
35ff1cb
to
a72a9b6
Compare
I reconsidered and moved it into Architecture for now - don't think this needs to be a top level item. |
Outlines a couple of DOs and DON'Ts when writing apps for Contrast. The idea is that, after reading the recommendations, an author of a Kubernetes app can tell what's safe to do in YAML and what needs scrutiny.