microsoft / bedrock

Automation for Production Kubernetes Clusters with a GitOps Workflow
MIT License
129 stars 12 forks source link

As a developer I would like to know the best security practices for running a single cluster Kafka instance #514

Open andrebriggs opened 5 years ago

andrebriggs commented 5 years ago

Application Security

Infrastructure Security


Additional "bring your own certificate" needs:

andrebriggs commented 5 years ago

Additional scenario we could show guidance for:

Provide an example of how to achieve RBAC that limits access to the Kafka namespace from processes within Kubernetes. Effectively viewing the Kubernetes API as an attack surface for Kafka.

cc @sayar

sayar commented 5 years ago

Adding details to @andrebriggs's previous comment. Ideally, RBAC should be enabled in the cluster and a ClusterRole specified that can access the Kafka Resources in the Kafka Namespace. Any application (such as Prometheus) that uses the Kubernetes API to discover/access resources in a specific namespace should have a ServiceAccount that is bound to the previously specified ClusterRole. This will ensure that only applications that should know about the Kafka Kubernetes resources have access to them.