63cd4f5fdc
Incorporated patchset 1 review comments Updated patchset 5 review comments Updated patchset 6 review comments Fixed merge conflicts Updated patchset 8 review comments Change-Id: Icd7b08ab69273f6073b960a13cf59905532f851a Signed-off-by: Juanita-Balaraj <juanita.balaraj@windriver.com>
45 lines
810 B
ReStructuredText
45 lines
810 B
ReStructuredText
========
|
|
Security
|
|
========
|
|
|
|
----------
|
|
Kubernetes
|
|
----------
|
|
|
|
|prod-long| security encompasses a broad number of features.
|
|
|
|
|
|
.. _overview-of-starlingx-security-ul-ezc-k5f-p3b:
|
|
|
|
- |TLS| support on all external interfaces
|
|
|
|
- Kubernetes service accounts and |RBAC| policies for authentication and
|
|
authorization of Kubernetes API / CLI / GUI
|
|
|
|
- Encryption of Kubernetes Secret Data at Rest
|
|
|
|
- Keystone authentication and authorization of StarlingX API / CLI / GUI
|
|
|
|
- Barbican is used to securely store secrets such as BMC user passwords
|
|
|
|
- Networking policies / Firewalls on external APIs
|
|
|
|
- |UEFI| secureboot
|
|
|
|
- Signed software updates
|
|
|
|
.. toctree::
|
|
:maxdepth: 2
|
|
|
|
kubernetes/index
|
|
|
|
---------
|
|
OpenStack
|
|
---------
|
|
|
|
.. check what put here
|
|
|
|
.. toctree::
|
|
:maxdepth: 2
|
|
|
|
openstack/index |