Security Self-Assessment: [STRIDE-MULTIPLE] Cluster API Cloud Provider Security Guidance #6519

Closed
PushkarJ opened this issue May 13, 2022 · 12 comments
Labels
area/security Issues or PRs related to security good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. kind/feature Categorizes issue or PR as related to a new feature. lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. priority/backlog Higher priority than priority/awaiting-more-evidence. sig/security Categorizes an issue or PR as relevant to SIG Security. triage/accepted Indicates an issue or PR is ready to be actively worked on.

Comments

@PushkarJ
Member

User Story

As a cloud provider I would like to know how to support Cluster API securely.

Detailed Description

  • Ensure credentials used by Cluster API are least privileged and set access control on Cluster API controller namespaces to prevent unauthorized access by anyone other than the cloud admin.
  • Implement 2FA for all maintainer accounts on GitHub. Apply the second pair of eyes principle when performing privileged actions such as image building or updates to the contents of the machine images.
  • Use short-lived credentials that are auto-renewed using node level attestation
  • Implement rate limits for creation, deletion and update of cloud resources
  • Any cloud resource created by these cloud credentials that is not linked to a cluster after a fixed, configurable period of time should be auto-deleted or marked for garbage collection

Related: kubernetes/sig-security#40
/kind feature
/area security
/sig security

@k8s-ci-robot k8s-ci-robot added kind/feature Categorizes issue or PR as related to a new feature. area/security Issues or PRs related to security sig/security Categorizes an issue or PR as relevant to SIG Security. labels May 13, 2022
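The last point of the issue description (orphaned cloud resources), sketched as an added example that is not part of the issue or of Cluster API's code. The `Resource` type, the `example.com/cluster-name` tag key, the `capi-controller` identity and the inventory records are all constructed assumptions; a real provider would fill them from its own inventory and audit APIs.

```go
package main

import (
	"fmt"
	"time"
)

// Resource is a hypothetical, provider-neutral inventory record.
type Resource struct {
	ID        string
	CreatedBy string // credential identity that created the resource
	CreatedAt time.Time
	Tags      map[string]string
}

// clusterTag is an assumed tag key linking a resource to its owning cluster.
const clusterTag = "example.com/cluster-name"

// FindOrphans returns the IDs of resources that were created by credential,
// are older than grace, and are not tagged with a cluster in liveClusters.
// It only selects candidates; marking or deleting them is left to the caller.
func FindOrphans(rs []Resource, credential string, liveClusters map[string]bool,
	grace time.Duration, now time.Time) []string {
	var orphans []string
	for _, r := range rs {
		if r.CreatedBy != credential {
			continue // never touch resources created by other identities
		}
		if now.Sub(r.CreatedAt) < grace {
			continue // may still be mid-provisioning and not yet tagged
		}
		if name, ok := r.Tags[clusterTag]; ok && liveClusters[name] {
			continue // linked to a cluster that still exists
		}
		orphans = append(orphans, r.ID)
	}
	return orphans
}

// sampleInventory returns constructed records covering each decision branch.
func sampleInventory(now time.Time) []Resource {
	h := time.Hour
	return []Resource{
		{"vm-1", "capi-controller", now.Add(-48 * h), map[string]string{clusterTag: "prod"}},
		{"vm-2", "capi-controller", now.Add(-48 * h), nil},
		{"vm-3", "capi-controller", now.Add(-1 * h), nil},
		{"vm-4", "capi-controller", now.Add(-72 * h), map[string]string{clusterTag: "gone"}},
		{"vm-5", "human-admin", now.Add(-72 * h), nil},
	}
}

func main() {
	now := time.Date(2024, 1, 1, 0, 0, 0, 0, time.UTC)
	fmt.Println(FindOrphans(sampleInventory(now), "capi-controller",
		map[string]bool{"prod": true}, 24*time.Hour, now))
}
```

Scoping the sweep to a single credential identity keeps the collector from touching resources that operators created by hand, and the grace period avoids racing with machines that are still being provisioned.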
@fabriziopandini
Member

/milestone v1.2
Thanks for filing this issue; probably this should be divided into smaller issues, some of them to be addressed by providers
@yastij

@k8s-ci-robot k8s-ci-robot added this to the v1.2 milestone May 22, 2022
@fabriziopandini fabriziopandini added the triage/accepted Indicates an issue or PR is ready to be actively worked on. label Jul 29, 2022
@fabriziopandini fabriziopandini removed this from the v1.2 milestone Jul 29, 2022
@fabriziopandini fabriziopandini removed the triage/accepted Indicates an issue or PR is ready to be actively worked on. label Jul 29, 2022
@k8s-triage-robot

The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue or PR as fresh with /remove-lifecycle stale
  • Mark this issue or PR as rotten with /lifecycle rotten
  • Close this issue or PR with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Oct 27, 2022
@fabriziopandini
Member

/lifecycle frozen
/triage accepted
/help

Still a valid point to document some general best practices, but providing specific guidance for each cloud infrastructure should be addressed by cloud providers

@k8s-ci-robot k8s-ci-robot added triage/accepted Indicates an issue or PR is ready to be actively worked on. lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Nov 2, 2022
@k8s-triage-robot

This issue has not been updated in over 1 year, and should be re-triaged.

You can:

  • Confirm that this issue is still relevant with /triage accepted (org members only)
  • Close this issue with /close

For more details on the triage process, see https://www.kubernetes.dev/docs/guide/issue-triage/

/remove-triage accepted

@k8s-ci-robot k8s-ci-robot added needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. and removed triage/accepted Indicates an issue or PR is ready to be actively worked on. labels Jan 19, 2024
@fabriziopandini
Member

/priority backlog

@k8s-ci-robot k8s-ci-robot added the priority/backlog Higher priority than priority/awaiting-more-evidence. label Apr 12, 2024
@fabriziopandini
Member

What we need is a new page in the book under security with the list of points from the description above.

/remove-help
/good-first issue

@k8s-ci-robot k8s-ci-robot removed the help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. label Apr 22, 2024
@fabriziopandini fabriziopandini added good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. triage/accepted Indicates an issue or PR is ready to be actively worked on. labels Apr 22, 2024
@k8s-ci-robot k8s-ci-robot removed the needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. label Apr 22, 2024
@NareshKoduru
Contributor

> What we need is a new page in the book under security with the list of points from the description above.
>
> /remove-help /good-first issue

@fabriziopandini,
cloud-provider-best-practises would be a good name for this page?

@fabriziopandini
Member

Considering that everything related to cloud infrastructure falls into the realm of infrastructure providers, let's call this paragraph "infrastructure provider security guidance" (we can eventually drop security, since it is already below the security chapter).

Also, please link the new page from a small "security guidelines" paragraph at the end of https://cluster-api.sigs.k8s.io/developer/providers/cluster-infrastructure and https://cluster-api.sigs.k8s.io/developer/providers/machine-infrastructure. Something like

##Security guidelines
Please refer to (infrastructure provider security guidance)[new page].

@NareshKoduru
Contributor

> Considering that everything related to cloud infrastructure falls into the realm of infrastructure providers, let's call this paragraph "infrastructure provider security guidance" (we can eventually drop security, since it is already below the security chapter).
>
> Also, please link the new page from a small "security guidelines" paragraph at the end of https://cluster-api.sigs.k8s.io/developer/providers/cluster-infrastructure and https://cluster-api.sigs.k8s.io/developer/providers/machine-infrastructure. Something like
>
> ##Security guidelines Please refer to (infrastructure provider security guidance)[new page].

@fabriziopandini ,
I submitted #11131 with the inputs provided. Please review. Thanks

@sbueringer
Member

@fabriziopandini Should this issue be closed, now that #11131 is merged?

@fabriziopandini
Member

yes!
Thanks @NareshKoduru for the work!
/close

@k8s-ci-robot
Contributor

@fabriziopandini: Closing this issue.

In response to this:

> yes!
> Thanks @NareshKoduru for the work!
> /close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.


6 participants