
Can Kubernetes Keep a Secret? - Women in AppSec Webinar


We’ve all experienced it: you’re working on a task, adding some code, and then you need to store some sensitive configuration value. It could be an API key, a client secret or an encryption key ― something that’s highly sensitive and must be kept secret. And this is where things get messy. Usually, secret storage is tightly coupled with how the code is deployed, and different platforms have different solutions. Kubernetes promises to simplify this process with the native Secret object, which, as the name implies, can be used to store secrets or sensitive configuration. Unfortunately, Kubernetes secrets are fundamentally broken, and a developer who tries to use them will definitely run into issues. But no need to worry ― there are solid alternatives for storing secrets securely on the Kubernetes platform. One solution is Kamus, an open-source, GitOps solution created by Soluto for managing secrets on Kubernetes. Kamus can encrypt a secret so that it can be decrypted only by your app at runtime ― and not by anyone else. The first part of this session covers the challenges faced when using Kubernetes secrets (from a usability and a security point of view). The second part discusses some of the existing solutions (Sealed Secrets, Helm Secrets and others), their pros and cons, and then features Kamus: how it works, what problems it solves, how it differs from other solutions, and what threats it can help mitigate (and what threats it can’t). The talk covers everything you need to know to run Kamus on your own cluster and use it for secret management. Join me for this session to learn how you can build a Kubernetes cluster that can keep a secret ― for real.
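The abstract's point that a plain Kubernetes Secret manifest cannot safely be committed to a GitOps repository rests on a fact the talk takes for granted: the values under `data` are only base64-encoded, which is an encoding, not encryption. The following is an added example, not code from the talk or from the Kamus project: a pre-commit style check that scans a manifest list for Secret objects and reports which keys anyone with read access to the repository could recover. The JSON manifest, the namespace, names and values are all constructed for the demo (kubectl accepts JSON manifests, so the shape is realistic even though YAML is more common).

```python
"""Added example (not from the talk or the Kamus project): a GitOps pre-commit
check that refuses plain Kubernetes Secret manifests.

A Secret's `data` values are base64 text and `stringData` values are plain
text; neither is encrypted, so committing either leaks the secret to every
reader of the repository."""
import base64
import json

# Constructed sample: a manifest list as kubectl would accept it. Values are fake.
SAMPLE_MANIFESTS = json.dumps({
    "apiVersion": "v1",
    "kind": "List",
    "items": [
        {
            "apiVersion": "v1",
            "kind": "Secret",
            "metadata": {"name": "payments-api", "namespace": "shop"},
            "type": "Opaque",
            "data": {"api-key": base64.b64encode(b"sk_live_example_not_real").decode()},
        },
        {
            "apiVersion": "v1",
            "kind": "Secret",
            "metadata": {"name": "db-creds", "namespace": "shop"},
            "stringData": {"password": "hunter2"},
        },
        {
            "apiVersion": "apps/v1",
            "kind": "Deployment",
            "metadata": {"name": "payments-api", "namespace": "shop"},
            "spec": {},
        },
    ],
})


def iter_objects(manifest_text):
    """Yield each Kubernetes object in a JSON manifest (single object or a List)."""
    doc = json.loads(manifest_text)
    if doc.get("kind") == "List":
        yield from doc.get("items", [])
    else:
        yield doc


def exposed_values(obj):
    """Return {key: plaintext} for a Secret object: base64-decoded `data`
    plus `stringData` as-is. Empty for non-Secret objects."""
    found = {}
    for key, value in obj.get("data", {}).items():
        found[key] = base64.b64decode(value).decode("utf-8", "replace")
    for key, value in obj.get("stringData", {}).items():
        found[key] = value
    return found


def scan(manifest_text):
    """Return one finding per Secret that carries recoverable values.
    A non-empty result is what a pre-commit hook should fail on."""
    findings = []
    for obj in iter_objects(manifest_text):
        if obj.get("kind") != "Secret":
            continue
        values = exposed_values(obj)
        if not values:
            continue
        meta = obj.get("metadata", {})
        findings.append({
            "namespace": meta.get("namespace", "default"),
            "name": meta.get("name"),
            "keys": sorted(values),
            # Redact: a hook must not echo the secret into CI logs.
            "preview": {k: v[:2] + "..." for k, v in values.items()},
        })
    return findings


if __name__ == "__main__":
    results = scan(SAMPLE_MANIFESTS)
    for f in results:
        print(f"plain Secret {f['namespace']}/{f['name']} exposes keys {f['keys']} {f['preview']}")
    raise SystemExit(1 if results else 0)
```

Wired into a pre-commit or CI job, the non-zero exit blocks the commit; the preview is deliberately truncated so the check itself does not copy the secret into build logs.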

Published in: Technology

Can Kubernetes Keep a Secret? - Women in AppSec Webinar

  1. Can Kubernetes Keep a Secret? Omer Levi Hevroni (@omerlh), October 2019
  2. (image only)
  3. I’m a builder
  4. DevSecOps @
  5. I ♥ OWASP • Zap contributor • Proud member • Glue project leader
  6. (image only)
  7. Kubernetes: Container Orchestration Platform
  8. Containers
  9. Kubernetes 101 (diagram: Cluster, Namespace; Kubernetes icons source: Kubernetes Community, Apache 2 license)
  10. (image only)
  11. Super-Devs: Full Responsibility ● Writing Code ● Deploying to Production ● Monitoring https://www.imdb.com/title/tt4016454/mediaviewer/rm2380811776
  12. Super-Devs Need Help ● Good tools to support them ● Make it harder to make mistakes ● Secure by design
  13. (image only)
  14. Kubernetes Manifest Files
  15. Manifest Files + Code: A GitOps Solution (diagram)
  16. How do we manage secrets?
  17. Manifest Files + Code + Secret: A GitOps Solution (diagram)
  18. Requirements: GitOps; Kubernetes native; Secure; “One-way encryption”
  19. Pod is out of scope ● Who can “SSH” into it? ● What is running on the pod? ● Did the code leak the secrets?
  20. Let’s Go!
  21. First iteration – Kubernetes Secrets
  22. https://kubernetes.io/docs/concepts/configuration/secret/
  23. Secrets Manifest File
  24. Requirements: GitOps; Kubernetes native; Secure
  25. (image only)
  26. Secrets Manifest File
  27. Well, that complicates things… http://i.imgur.com/5ebYy62.jpg
  28. Requirements: GitOps – under some serious limitations; Kubernetes native; Secure – depends on usage
  29. (image only)
  30. Travis Encrypted Secrets https://docs.travis-ci.com/user/encryption-keys/
  31. Eureka! http://theunprofessionalblog.blogspot.com/2016/04/whatsapp-this-is-killing-me.html
  32. Second iteration – Kamus: Travis secret encryption – for Kubernetes
  33. What? ● An open source project by Soluto ● Allows encrypting a secret for a specific application
  34. Application Identity?
  35. Service Account Token (JWT)
  36. Encrypting for a specific application
  37. Encrypting for a specific application
  38. Manifest Files + Code + Encrypted Secret: A GitOps Solution (diagram)
  39. Secret Decryption (diagram)
  40. Kamus?
  41. Let’s talk about security
  42. Permission Model – User: Encrypt: Yes (can be limited), Decrypt: No. Pod: Encrypt: Yes, Decrypt: only its own secrets.
  43. Security Features ● Secured CLI (enforce HTTPS; support for certificate pinning) ● Strong encryption (using Azure KeyVault, AWS/GCP KMS; HSM protection) ● One-way encryption ● Security tests
  44. Public Threat Model https://kamus.soluto.io/docs/threatmodeling/threats_controls/
  45. Security.md https://github.com/Soluto/kamus/blob/master/security.md
  46. Kamus – A perfect solution: GitOps; Kubernetes native; Secure
  47. How can I use it? ● Simply using Helm: helm install kamus soluto/kamus ● Check out the install guide for a secure installation ● Blog post: https://bit.ly/2T2Nhgs
  48. Wrapping Up
  49. Solutions compared – Kubernetes Secrets: GitOps: It depends; Kubernetes native: Yes; Secure: It depends. Kamus: GitOps: Yes; Kubernetes native: Yes; Secure: Yes.
  50. Can Kubernetes Keep a Secret?
  51. Kamus: Enable Super-Devs to Fly Higher https://www.imdb.com/title/tt4016454/mediaviewer/rm2380811776
  52. Thank You! Omer Levi Hevroni, October 2019
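Slides 34–42 describe the idea that makes Kamus "one-way": a secret is encrypted for one application identity (namespace plus service account, taken from the pod's service account token), a user or CI job may encrypt but cannot decrypt, and a pod can decrypt only ciphertext bound to its own identity. The following is an added example that models that permission model; it is not Kamus's code, and the key derivation (HMAC of a master key over the identity), the cipher (HMAC-SHA256 keystream with encrypt-then-MAC) and the unsigned demo token are stand-ins chosen so the block runs on the Python standard library. It also assumes, as a comment notes, that the token has already been validated by the Kubernetes API before its claims are trusted, which this demo does not do.

```python
"""Added example (not Kamus's implementation): identity-bound encryption so
that only the pod whose service account token names the right identity can
decrypt, while anyone may encrypt.
"""
import base64
import hashlib
import hmac
import json
import os

# Stand-in for the KMS/KeyVault master key; pods never receive it.
MASTER_KEY = hashlib.sha256(b"constructed-master-key-for-demo").digest()


def _b64url_decode(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))


def identity_from_token(token):
    """(namespace, service account) from the standard service account JWT claims.
    Assumption: the token was already validated by the Kubernetes API (TokenReview);
    this demo only parses the payload and does not check a signature."""
    claims = json.loads(_b64url_decode(token.split(".")[1]))
    return (claims["kubernetes.io/serviceaccount/namespace"],
            claims["kubernetes.io/serviceaccount/service-account.name"])


def app_key(namespace, service_account):
    """Per-application key: the master key never leaves this function."""
    ident = f"{namespace}/{service_account}".encode()
    return hmac.new(MASTER_KEY, ident, hashlib.sha256).digest()


def _keystream(key, nonce, length):
    """HMAC-SHA256 in counter mode, used here as a PRF-based stream cipher."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt_for(namespace, service_account, plaintext):
    """Encrypt API: open to users and CI. The result is bound to one identity."""
    key = app_key(namespace, service_account)
    nonce = os.urandom(16)
    body = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + body, hashlib.sha256).digest()  # encrypt-then-MAC
    return base64.b64encode(nonce + body + tag).decode()


def decrypt_as_pod(token, blob):
    """Decrypt API: the only key material used is derived from the caller's identity,
    so a pod with a different namespace or service account fails the tag check."""
    key = app_key(*identity_from_token(token))
    raw = base64.b64decode(blob)
    nonce, body, tag = raw[:16], raw[16:-32], raw[-32:]
    expected = hmac.new(key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise PermissionError("ciphertext is not bound to this service account")
    return bytes(c ^ k for c, k in zip(body, _keystream(key, nonce, len(body))))


def make_token(namespace, service_account):
    """Constructed, unsigned token carrying the service account claims.
    Real tokens are signed by the API server; this exists only so the demo runs offline."""
    def seg(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    payload = {
        "kubernetes.io/serviceaccount/namespace": namespace,
        "kubernetes.io/serviceaccount/service-account.name": service_account,
    }
    return f"{seg({'alg': 'none'})}.{seg(payload)}."


def can_decrypt(token, blob):
    """True if the identity in `token` is the one the ciphertext was encrypted for."""
    try:
        decrypt_as_pod(token, blob)
        return True
    except PermissionError:
        return False


if __name__ == "__main__":
    blob = encrypt_for("shop", "payments-api", b"api-key-value")  # constructed secret
    print("own pod:", can_decrypt(make_token("shop", "payments-api"), blob))
    print("other app, same namespace:", can_decrypt(make_token("shop", "other-app"), blob))
    print("same app name, other namespace:", can_decrypt(make_token("staging", "payments-api"), blob))
```

The shape matches the permission table on slide 42: `encrypt_for` needs no token at all, and `decrypt_as_pod` takes only the caller's token, so a user who holds the encrypted manifest from git has nothing to decrypt with; the "pod is out of scope" caveat on slide 19 still applies, since anyone who can run code inside the pod holds its token.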
