trinaths
commented
2 months ago We recommend follow best practices for Kubernetes secrets and encrypting confidential data at rest.
Closed jokoyuliantoro closed 2 months ago
trinaths
commented
2 months ago We recommend follow best practices for Kubernetes secrets and encrypting confidential data at rest.
Title
Request for Strong-Encrypted BIG-IP Secrets
Description
CIS connects to BIG-IP and authenticate the connection with username and password. These sensitive authentication parameters are stored as Base64-encoded K8s secret.
Actual Problem
It is very easy to decode the BIGIP authentication parameters with Base64 decoding.
Solution Proposed
A strong encryption mechanism is required to store the BIG-IP's username and password in K8s to be used later by COS to connect to BIG-IP.