├── README.md ├── docs ├── 01-Introduction │ ├── 01-Course-Introduction.md │ ├── 02-Exam-Information.md │ └── 03-Join-our-Slack-Channel.md ├── 02-Understanding-the-Kubernetes-Attack-Surface │ ├── 01-The-Attack.md │ └── 02-The-4C's-of-Cloud-Native-security.md ├── 03-Cluster-Setup-and-Hardening │ ├── 01-Section-Introduction.md │ ├── 02-What-are-CIS-Benchmarks.md │ ├── 03-Lab-Run-CIS-Benchmark-Assessment-tool-on-Ubuntu.md │ ├── 04-CIS-benchmark-for-Kubernetes.md │ ├── 05-Kube-bench.md │ ├── 06-Lab-Kube-bench.md │ ├── 07-Kubernetes-Security-Primitives.md │ ├── 08-Authentication.md │ ├── 09-Service-Accounts.md │ ├── 10-Lab-Service-Accounts.md │ ├── 11-TLS-Introduction.md │ ├── 12-TLS-Basics.md │ ├── 13-TLS-in-Kubernetes.md │ ├── 14-TLS-in-Kubernetes-Certificate-Creation.md │ ├── 15-View-Certificate-Details.md │ ├── 16-Labs-View-Certificates.md │ ├── 17-Certificates-API.md │ ├── 18-Labs-Certificates-API.md │ ├── 19-KubeConfig.md │ ├── 20-Labs-KubeConfig.md │ ├── 21-API-Groups.md │ ├── 22-Authorization.md │ ├── 23-RBAC.md │ ├── 24-Labs-RBAC.md │ ├── 25-Cluster-Roles-and-Role-Bindings.md │ ├── 26-Labs-Cluster-Roles-and-Role-Bindings.md │ ├── 27-Kubelet-Security.md │ ├── 28-Labs-Kubelet-Security.md │ ├── 29-Kubectl-Proxy-Port-Forward.md │ ├── 30-Labs-Kubectl-Proxy-Port-Forward.md │ ├── 31-Kubernetes-Dashboard.md │ ├── 32-Securing-Kubernetes-Dashboard.md │ ├── 33-Labs-Securing-Kubernetes-Dashboard.md │ ├── 34-Verify-platform-binaries-before-deploying.md │ ├── 35-Labs-Verify-platform-binaries-before-deploying.md │ ├── 36-Kubernetes-Software-Versions.md │ ├── 37-Cluster-Upgrade-Process.md │ ├── 38-Demo-Cluster-Upgrade-Process.md │ ├── 39-Labs-Cluster-Upgrade-Process.md │ ├── 40-Network-Policy.md │ ├── 41-Developing-Network-Policies.md │ ├── 42-Labs-Network-Policies.md │ ├── 43-Ingress.md │ ├── 44-Labs-Ingress-1.md │ ├── 45-Ingress-Annotations-and-rewrite-target.md │ ├── 46-Labs-Ingress-2.md │ ├── 47-Docker-Service-Configuration.md │ ├── 48-Docker-Securing-the-Daemon.md │ └── 49-Cipher-Suites.md ├── 04-System-Hardening │ ├── 01-Section-Introduction.md │ ├── 02-Least-Privilege-Principle.md │ ├── 03-Minimize-host-OS-footprint-Intro.md │ ├── 04-Limit-Node-Access.md │ ├── 05-lab-Limit-Node-Access.md │ ├── 06-SSH-Hardening.md │ ├── 07-Privilege-Escalation-in-Linux.md │ ├── 08-Lab-SSH-Hardening-and-sudo.md │ ├── 09-Remove-Obsolete-Packages-and-Services.md │ ├── 10-Restrict-Kernel-Modules.md │ ├── 11-Identify-and-Disable-Open-Ports.md │ ├── 12-Lab-Identify-open-ports,-remove-packages-services.md │ ├── 13-Minimize-IAM-roles.md │ ├── 14-Minimize-external-access-to-the-network.md │ ├── 15-UFW-Firewall-Basics.md │ ├── 16-Lab-UFW-Firewall-Basics.md │ ├── 17-Linux-Syscalls.md │ ├── 18-AquaSecTracee.md │ ├── 19-Restrict-syscalls-using-seccomp.md │ ├── 20-Implement-Seccomp-in-Kubernetes.md │ ├── 21-Lab-Seccomp.md │ ├── 22-AppArmor.md │ ├── 23-Creating-AppArmor-Profiles.md │ ├── 24-AppArmor-in-Kubernetes.md │ ├── 25-Linux-Capabilities.md │ └── 26-Lab-AppArmor.md ├── 05-Minimize-Microservice-Vulnerabilities │ ├── 01-Section-Introduction.md │ ├── 02-Security-Contexts.md │ ├── 03-Labs-Security-Contexts.md │ ├── 04-Admission-Controllers.md │ ├── 05-Labs-Admission-Controllers.md │ ├── 06-Validating-and-Mutating-Admission-Controllers.md │ ├── 07-Labs-Validating-and-Mutating-Admission-Controllers.md │ ├── 08-Pod-Security-Policies.md │ ├── 09-PSA-and-PSS.md │ ├── 10-Understanding-PSP.md │ ├── 11-Labs-PSA.md │ ├── 12-Open-Policy-Agent-(OPA).md │ ├── 13-Labs-OPA.md │ ├── 14-OPA-Gatekeeper-in-Kubernetes.md │ ├── 15-Labs-OPA-in-Kubernetes.md │ ├── 16-Manage-Kubernetes-secrets.md │ ├── 17-Lab-Manage-Kubernetes-secrets.md │ ├── 18-Container-Sandboxing.md │ ├── 19-gVisor.md │ ├── 20-kata-Containers.md │ ├── 21-Runtime-Classes.md │ ├── 22-Using-Runtimes-in-Kubernetes.md │ ├── 23-Lab-Using-Runtimes-in-Kubernetes.md │ ├── 24-One-way-SSL-vs-Mutual-SSL.md │ ├── 25-Implement-pod-to-pod-encryption-by-use-of-mTLS.md │ ├── z-08a-Labs-PSP-retired.md │ └── z-13-OPA-in-Kubernetes-retired.md ├── 06-Supply-Chain-Security │ ├── 01-Section-Introduction.md │ ├── 02-Minimize-base-image-footprint.md │ ├── 03-Image-Security.md │ ├── 04-Labs-Image-Security.md │ ├── 05-Whitelist-Allowed-Registries-Image-Policy-Webhook.md │ ├── 06-Labs-Whitelist-Allowed-Registries-ImagePolicyWebhook.md │ ├── 07-Use-static-analysis-of-user-workloads.md │ ├── 08-Labs-kubesec.md │ ├── 09-Scan-images-for-known-vulnerabilities-(Trivy).md │ └── 10-Labs-Trivy.md ├── 07-Monitoring,-Logging-and-Runtime-Security │ ├── 01-Section-Introduction.md │ ├── 02-Perform-behavioral-analytics-of-syscall-process.md │ ├── 03-Falco-Overview-and-Installation.md │ ├── 04-Use-Falco-to-Detect-Threats.md │ ├── 05-Falco-Configuration-Files.md │ ├── 06-Labs-Use-Falco-to-detect-threats.md │ ├── 07-Mutable-vs-Immutable-Infrastructure-Mutable-vs-Immutable-Infrastructure.md │ ├── 08-Ensure-Immutability-of-Containers-at-Runtime.md │ ├── 09-Lab-Ensure-Immutability-of-Containers-at-Runtime.md │ ├── 10-Use-Audit-Logs-to-monitor-access.md │ └── 11-Labs-Use-Audit-Logs-to-monitor-access.md ├── 08-Mock-Exams │ ├── 01-Mock-Exams-Introduction.md │ ├── 02-Mock-Exam-1.md │ ├── 03-Mock-Exam-2.md │ └── 04-Mock-Exam-3.md └── 09-cks-challenges │ ├── 01-challenge-1.md │ ├── 02-challenge-2.md │ ├── 03-challenge-3.md │ ├── 04-challenge-4.md │ └── README.md ├── images ├── 4C.png ├── CVEScore.png ├── Readme.md ├── V1.png ├── abac.PNG ├── acc1.PNG ├── acc2.PNG ├── acc3.PNG ├── adm1.png ├── admissioncontroller1.png ├── allowed.png ├── allowedRules.png ├── annotations.PNG ├── api1.PNG ├── api10.PNG ├── api2.PNG ├── api3.PNG ├── api4.PNG ├── api5.PNG ├── api6.PNG ├── api7.PNG ├── api8.PNG ├── api9.PNG ├── app.PNG ├── apparmorProfiles.png ├── apparmorprofileBash.png ├── args.PNG ├── at1.PNG ├── auth1.PNG ├── auth2.PNG ├── auth3.PNG ├── auth4.PNG ├── auth5.PNG ├── auth6.PNG ├── bash.PNG ├── bc.PNG ├── be.PNG ├── be1.PNG ├── brc.PNG ├── ca.PNG ├── ca1.PNG ├── ca2.PNG ├── cap.PNG ├── cert.PNG ├── cert1.PNG ├── cert10.PNG ├── cert11.PNG ├── cert2.PNG ├── cert3.PNG ├── cert4.PNG ├── cert5.PNG ├── cert6.PNG ├── cert7.PNG ├── cert8.PNG ├── cert9.PNG ├── certs.PNG ├── challenge-1.png ├── challenge-2.png ├── challenge-3.png ├── challenge-4.png ├── class1.PNG ├── class10.PNG ├── class11.PNG ├── class12.PNG ├── class13.PNG ├── class14.PNG ├── class15.PNG ├── class16.PNG ├── class17.PNG ├── class18.PNG ├── class19.PNG ├── class2.PNG ├── class20.PNG ├── class3.PNG ├── class4.PNG ├── class5.PNG ├── class6.PNG ├── class7.PNG ├── class8.PNG ├── class9.PNG ├── cmd.PNG ├── cmd1.PNG ├── cmi.PNG ├── cmp.PNG ├── cmp1.PNG ├── cms.PNG ├── cmv.PNG ├── controlPlaneConfiguration.png ├── courseObjective.png ├── cp.PNG ├── cp1.PNG ├── cr1.PNG ├── crt1.PNG ├── crt2.PNG ├── crt3.PNG ├── crt4.PNG ├── cs.png ├── cs1.PNG ├── cs2.PNG ├── csd.PNG ├── csec.PNG ├── csi.PNG ├── csr.PNG ├── csr1.PNG ├── csr2.PNG ├── csr3.PNG ├── csr4.PNG ├── das.PNG ├── dask.PNG ├── db.PNG ├── dc.PNG ├── delete.png ├── deployment.PNG ├── deployment1.PNG ├── deployment2.PNG ├── docker-runtime.png ├── docker-runtime1.png ├── dockerDaemon1.png ├── dockerSVC.png ├── dockerSecure.png ├── dockerUserAccount.png ├── dp.PNG ├── drain.PNG ├── ds-uc-kp.PNG ├── ds-uc.PNG ├── ds-ucn.PNG ├── ds.PNG ├── ds1.PNG ├── ds2.PNG ├── dsd.PNG ├── dst.PNG ├── el.PNG ├── enc.PNG ├── entry.PNG ├── entry1.PNG ├── env.PNG ├── er.PNG ├── erest.PNG ├── etc1.PNG ├── etc2.PNG ├── etcd-ha.PNG ├── etcd.PNG ├── etcd1.PNG ├── etcdNodeConfiguration.png ├── etcdctl.PNG ├── etcdctl1.PNG ├── ex.PNG ├── examInfo.png ├── falco1.png ├── falco2.png ├── falcoRules.png ├── falcoconfig00.png ├── falcoconfig01.png ├── fwRules.png ├── gadvisor.png ├── gvisor-k8s.png ├── hpms.PNG ├── hrd.PNG ├── hrd1.PNG ├── hrd2.PNG ├── hrd3.PNG ├── hrd4.PNG ├── hrd5.PNG ├── hrd6.PNG ├── img1.PNG ├── img2.PNG ├── immutable20.png ├── ing1.PNG ├── ing2.PNG ├── jnode.PNG ├── jpod.PNG ├── k8s-arch.PNG ├── k8s-arch1.PNG ├── k8sDashboard.png ├── k8sNP.png ├── k8sRelease.png ├── k8sSSH.png ├── k8sauth.png ├── ka.PNG ├── kata1.png ├── kc1.PNG ├── kc10.PNG ├── kc11.PNG ├── kc12.PNG ├── kc2.PNG ├── kc3.PNG ├── kc4.PNG ├── kc5.PNG ├── kc6.PNG ├── kc7.PNG ├── kc8.PNG ├── kc9.PNG ├── kctl1.PNG ├── kctl2.PNG ├── kernel.png ├── kernelTouch.png ├── key-value.PNG ├── key-value1.PNG ├── key-value2.PNG ├── key-value3.PNG ├── kgn.PNG ├── kp.PNG ├── ks.PNG ├── ksec.PNG ├── kube-apiserver.PNG ├── kube-apiserver1.PNG ├── kube-apiserver2.PNG ├── kube-apiserver3.PNG ├── kube-apiserver4.PNG ├── kube-controller-manager.PNG ├── kube-controller-manager0.PNG ├── kube-controller-manager1.PNG ├── kube-controller-manager2.PNG ├── kube-controller-manager3.PNG ├── kube-proxy.PNG ├── kube-proxy1.PNG ├── kube-proxy2.PNG ├── kube-scheduler1.PNG ├── kube-scheduler2.PNG ├── kube-scheduler3.PNG ├── kube-scheduler4.PNG ├── kube-scheduler5.PNG ├── kube1.png ├── kubectl.PNG ├── kubelet.PNG ├── kubelet.png ├── kubelet1.PNG ├── kubelet2.PNG ├── kubeletConfig.png ├── kubeu.PNG ├── kubeu1.PNG ├── kubeu2.PNG ├── kubeu3.PNG ├── kublet.PNG ├── la.PNG ├── labels-ckc.PNG ├── labels.PNG ├── lables-animals.PNG ├── lc.PNG ├── lco.PNG ├── ld.PNG ├── ld1.PNG ├── leastPrivileges.png ├── lf.PNG ├── lg.PNG ├── linkerd.png ├── linuxCap.png ├── linuxcapK8s.png ├── linuxcapk8s1.png ├── lk.PNG ├── ln.PNG ├── loga.PNG ├── logs-k8s.png ├── logs.PNG ├── logs1.PNG ├── loop.PNG ├── lpod.PNG ├── lrs.PNG ├── lrs1.PNG ├── ls.PNG ├── lse.PNG ├── lstio1.png ├── lstio22.png ├── lstio3.png ├── lt.PNG ├── mcp.PNG ├── mcpc.PNG ├── mem.PNG ├── mmp.PNG ├── mode.PNG ├── mode1.PNG ├── mon.PNG ├── ms.PNG ├── ms1.PNG ├── msg.PNG ├── na.PNG ├── na1.PNG ├── na2.PNG ├── namespace.PNG ├── namespace1.PNG ├── nat.PNG ├── nats.PNG ├── nats1.PNG ├── net1.PNG ├── net10.PNG ├── net11.PNG ├── net12.PNG ├── net13.PNG ├── net14.PNG ├── net15.PNG ├── net2.PNG ├── net3.PNG ├── net4.PNG ├── net5.PNG ├── net6.PNG ├── net7.PNG ├── net8.PNG ├── net9.PNG ├── netstat.png ├── node-auth.png ├── node-controller.PNG ├── node.PNG ├── note.PNG ├── note1.PNG ├── np.PNG ├── npol.PNG ├── npol1.PNG ├── npol2.PNG ├── npol3.PNG ├── npol4.PNG ├── npolsec.PNG ├── ns-old.PNG ├── ns.PNG ├── ns1.PNG ├── ns10.PNG ├── ns11.PNG ├── ns12.PNG ├── ns13.PNG ├── ns2.PNG ├── ns3.PNG ├── ns4.PNG ├── ns5.PNG ├── ns6.PNG ├── ns7.PNG ├── ns8.PNG ├── ns9.PNG ├── nsec.PNG ├── nsel.PNG ├── nsel1.PNG ├── nsl.PNG ├── opt.PNG ├── os.PNG ├── other-controllers.PNG ├── parent.png ├── pki.PNG ├── pod.PNG ├── pod1.PNG ├── pod2.PNG ├── pod3.PNG ├── pod4.PNG ├── post.PNG ├── priv1.png ├── privateReg.png ├── prvr.PNG ├── prvr1.PNG ├── r1.PNG ├── r2.PNG ├── r3.PNG ├── r4.PNG ├── rb.PNG ├── rbac.PNG ├── rbac1.PNG ├── rbac2.PNG ├── rbac3.PNG ├── rbac4.PNG ├── rbac5.PNG ├── rc.PNG ├── rc1.PNG ├── rc2.PNG ├── rc3.PNG ├── rcd.PNG ├── rcd1.PNG ├── rci.PNG ├── rcrl.PNG ├── ref.PNG ├── relational-dbs.PNG ├── removepackage.png ├── replication-controller.PNG ├── requiredPorts.png ├── restrictKernel.png ├── restrictNetwork.png ├── rl.PNG ├── roles.PNG ├── rollc.PNG ├── rollv.PNG ├── rr-pod.PNG ├── rr.PNG ├── rs.PNG ├── rs1.PNG ├── rs2.PNG ├── rsc.PNG ├── rsl.PNG ├── rsl1.PNG ├── rsm.PNG ├── sc1.png ├── sc2.PNG ├── sc3.PNG ├── sec.PNG ├── seccompFilters.png ├── seccompModes.png ├── seccompdocker.png ├── seccompk8s.png ├── seccompk8sPod.png ├── secd.PNG ├── sech.PNG ├── seck.PNG ├── seco.PNG ├── secp.PNG ├── secpv.PNG ├── section4Intro.png ├── section5Intro.png ├── section6Intro.png ├── section7Intro.png ├── secv.PNG ├── simpleBashScript.png ├── sl.PNG ├── sleep.PNG ├── sleep1.PNG ├── sleep2.PNG ├── sort.PNG ├── sp.PNG ├── sp1.PNG ├── sp2.PNG ├── sp3.PNG ├── sp4.PNG ├── sp5.PNG ├── spvsds.PNG ├── srv-types.PNG ├── srv1.PNG ├── srv2.PNG ├── srv3.PNG ├── srv4.PNG ├── srvc1.PNG ├── srvc2.PNG ├── srvc3.PNG ├── srvnp.PNG ├── srvnp1.PNG ├── srvnp2.PNG ├── srvnp3.PNG ├── srvnp4.PNG ├── sshHarderning.png ├── stg1.PNG ├── stg2.PNG ├── stg3.PNG ├── sudo.png ├── sum.PNG ├── svc.PNG ├── sxc1.PNG ├── sxc2.PNG ├── tandt.PNG ├── tls.PNG ├── tls1.PNG ├── tn-na.PNG ├── tn-ns.PNG ├── tn-nsa.png ├── tn.PNG ├── tntm.PNG ├── tp.PNG ├── trace.png ├── tracee.png ├── traffic.PNG ├── trivy-nginx.png ├── up.PNG ├── up1.PNG ├── up2.PNG ├── view.PNG ├── vm1.png ├── web.PNG ├── web1.PNG ├── webhook.PNG └── wrk.PNG └── temp.json /docs/01-Introduction/01-Course-Introduction.md: -------------------------------------------------------------------------------- 1 | # Course Introduction 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/course-introduction/) 4 | 5 | **This course focuses on the Security parts of Kubernetes.** 6 | 7 | ## Course Structure 8 | 9 | - Lectures 10 | - Demos 11 | - Quizzes 12 | - Hands-on Labs 13 | - Slack Channel 14 | - Q & A Section 15 | 16 | ## Pre-Requisites 17 | 18 | - Docker 19 | - Reasonable grasp of Linux. This isn't taught in this course. 20 | - Basics of Kubernetes 21 | - PODS, Deployments, Services ... 22 | - YAML 23 | - Kubernetes Administrator Certification. You must hold a CKA that is not expired before the date for which you schedule a CKS exam. 24 | 25 | ### If you are a beginner with Linux then we highly recommend the Linux Basics course 26 | 27 | - Take me to the [Learning Linux Basics Course](https://kodekloud.com/courses/the-linux-basics-course/) 28 | 29 | ### If you are a beginner then we highly recommend the Kubernetes for the Absolute Beginners Hands-On course. 30 | 31 | - Take me to the [Kubernetes for the Absolute Beginners Hands-On Course](https://kodekloud.com/courses/kubernetes-for-the-absolute-beginners-hands-on/) 32 | - You must then follow this up with CKA... 33 | 34 | ### If you are not a beginner then we highly recommend the Certified Kubernetes Administrator (CKA) Course with Practice Tests course. 35 | 36 | - Take me to the [Certified Kubernetes Administrator (CKA) Course with Practice Tests](https://kodekloud.com/courses/certified-kubernetes-administrator-cka/) 37 | 38 | ## Course Objectives 39 | 40 | The objectives of this course are aligned to match the **`Certified Kubernetes Security Specialist (CKS)`** 41 | -------------------------------------------------------------------------------- /docs/01-Introduction/02-Exam-Information.md: -------------------------------------------------------------------------------- 1 | # Exam Information 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/exam-information/) 4 | ![Exam Info](../../images/examInfo.png) 5 | 6 | ## Certification Details 7 | 8 | - CKA certification (non-expired) is required to sit for this exam. 9 | 10 | - **`Certified Kubernetes Security Specialist`**: https://training.linuxfoundation.org/certification/certified-kubernetes-security-specialist/ 11 | 12 | - **`Exam Curriculum (Topics)`**: https://github.com/cncf/curriculum 13 | 14 | - **`Candidate Handbook`**: https://docs.linuxfoundation.org/tc-docs/certification/lf-candidate-handbook 15 | 16 | - **`Exam Tips`**: https://docs.linuxfoundation.org/tc-docs/certification/important-instructions-cks 17 | -------------------------------------------------------------------------------- /docs/01-Introduction/03-Join-our-Slack-Channel.md: -------------------------------------------------------------------------------- 1 | # Community Channel 2 | 3 | - Take me to [Join Slack](https://kodekloud.com/topic/join-our-slack-channel-2/) 4 | 5 | -------------------------------------------------------------------------------- /docs/02-Understanding-the-Kubernetes-Attack-Surface/01-The-Attack.md: -------------------------------------------------------------------------------- 1 | # The-Attack 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/the-attack/) 4 | -------------------------------------------------------------------------------- /docs/02-Understanding-the-Kubernetes-Attack-Surface/02-The-4C's-of-Cloud-Native-security.md: -------------------------------------------------------------------------------- 1 | # The 4C's of Cloud Native security 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/the-4cs-of-cloud-native-security/) 4 | 5 | In this section, we will take a look at `The 4C's of Cloud Native security`. 6 | 7 | ![4C's](../../images/4C.png) 8 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/01-Section-Introduction.md: -------------------------------------------------------------------------------- 1 | # Section Introduction 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/section-introduction-10/) 4 | 5 | 6 | In this section, we will take a look at `Section Introduction of Cluster Setup & Hardening`: 7 | 8 | - CIS Benchmarks 9 | - Authentication 10 | - Authorization 11 | - Securing Kubernetes Dashboard 12 | - TLS Introduction 13 | - Verifying Platform Binaries 14 | - Network Policies 15 | - Securing Ingress 16 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/02-What-are-CIS-Benchmarks.md: -------------------------------------------------------------------------------- 1 | # What-are-CIS-Benchmarks 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/what-are-cis-benchmarks/) 4 | 5 | In this section, we will take a look at `What are the CIS Benchmarks`. 6 | 7 | - The full form of CIS is **`Center for internet Security`**. 8 | 9 | - CIS is a forward-thinking nonprofit that harnesses the power of a global IT community to safeguard public and private organizations against cyber threats. 10 | 11 | - CIS Benchmarks https://www.cisecurity.org/cis-benchmarks/ 12 | 13 | 14 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/04-CIS-benchmark-for-Kubernetes.md: -------------------------------------------------------------------------------- 1 | # CIS benchmark for Kubernetes 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/cis-benchmark-for-kubernetes/) 4 | 5 | In this section we will take a look at `CIS benchmark for Kubernetes`. 6 | 7 | - Download CIS Kubernetes Benchmark version 1.6.0 https://www.cisecurity.org/benchmark/kubernetes/ 8 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/05-Kube-bench.md: -------------------------------------------------------------------------------- 1 | # Kube bench 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/kube-bench/) 4 | 5 | In this section we will take a look at the `Kube bench` tool. 6 | 7 | - `kube-bench` is a Go application that checks whether Kubernetes is deployed securely by running the checks documented in the CIS Kubernetes Benchmark https://www.cisecurity.org/benchmark/kubernetes/. 8 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/06-Lab-Kube-bench.md: -------------------------------------------------------------------------------- 1 | # Lab - Kube-bench 2 | 3 | - Take me to the [Lab](https://kodekloud.com/topic/lab-kube-bench/) 4 | 5 | Solutions for lab - Kube-bench:- 6 | 7 | - Kube bench is a product of **`Aqua Security`** company. 8 | 9 | - kube-bench should be used for **`To check whether Kubernetes is deployed as per security best practices`** 10 | 11 | - Install the kube-bench with version v0.4.0 under the `/root` directory 12 | ```sh 13 | curl -L https://github.com/aquasecurity/kube-bench/releases/download/v0.4.0/kube-bench_0.4.0_linux_amd64.tar.gz -o kube-bench_0.4.0_linux_amd64.tar.gz 14 | tar -xvf kube-bench_0.4.0_linux_amd64.tar.gz 15 | ``` 16 | 17 | - There are **`7`** tests passed for Etcd Node Configuration 18 | 19 | ![Etcd Node Configuration](../../images/etcdNodeConfiguration.png) 20 | 21 | - There are **`0`** tests failed for Control Plane Configuration 22 | 23 | ![Control Plane Configuration](../../images/controlPlaneConfiguration.png) 24 | 25 | - Fix this failed test 1.3.1 Ensure that the `--terminated-pod-gc-threshold` argument is set as appropriate. **`1.3.1 Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the master node and set the --terminated-pod-gc-threshold to an appropriate threshold, for example: --terminated-pod-gc-threshold=10`** 26 | 27 | - The **`1.3.6 Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml 28 | on the master node and set the --feature-gates parameter to include RotateKubeletServerCertificate=true. --feature-gates=RotateKubeletServerCertificate=true`** is used to fix the failed test 1.3.6 Ensure that the `RotateKubeletServerCertificate` argument is set to true. 29 | 30 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/07-Kubernetes-Security-Primitives.md: -------------------------------------------------------------------------------- 1 | # Kubernetes Security Primitives 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/kubernetes-security-primitives-2/) 4 | 5 | In this section we will take a look at `Kubernetes Security Primitives`. 6 | 7 | - The kube-apiserver is at the center of all operations within kubernetes. We interact with it through the kubectl utility or by accessing the API directly and through that you can perform almost any operation on the cluster. So that's the first line of defense. 8 | 9 | - All communication with the cluster, between the various components such as the ETCD cluster, kube controller manager, scheduler, apiserver, as well as those running on the worker nodes such as the kubelet and kube-proxy is secured using TLS encryption. 10 | 11 | 12 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/08-Authentication.md: -------------------------------------------------------------------------------- 1 | # Authentication 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/authentication-2/) 4 | 5 | In this section we will take a look at `Authentication`. 6 | 7 | - There are different authentication mechanisms that can be configured. You can have a list of username and passwords in a static password file, or usernames and tokens in a static token file, or you can authenticate using certificates. And another option is to connect to third party authentication protocols like LDAP, Kerberos etc. 8 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/09-Service-Accounts.md: -------------------------------------------------------------------------------- 1 | # Service Accounts 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/service-accounts/) 4 | 5 | In this section we will take a look at `Service Accounts` in Kubernetes. 6 | 7 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/10-Lab-Service-Accounts.md: -------------------------------------------------------------------------------- 1 | # Lab - Service Accounts 2 | 3 | - Take me to the [Lab](https://kodekloud.com/topic/lab-service-accounts/) 4 | 5 | Solutions for lab - Service Accounts:- 6 | 7 | - There is **`1`** service account in the default namespace. 8 | 9 | ``` 10 | Run the command 'kubectl get serviceaccounts' and count the number of accounts. 11 | ``` 12 | 13 | - The **`default-token-bxx92`** is the secret token used by the default service account. 14 | 15 | ``` 16 | Run the command 'kubectl describe serviceaccount default' and look at the token field. 17 | ``` 18 | 19 | - The state of the dashboard **`failed`**. 20 | 21 | - The **`Service Account`** is the type of account does the Dashboard application use to query the Kubernetes API. 22 | 23 | - Which account does the Dashboard application use to query the Kubernetes API? **`Default`** 24 | 25 | - **`/var/run/secrets`** is the location of the ServiceAccount credentials available within the pod. 26 | 27 | ``` 28 | Run the command 'kubectl describe pod' and look for volume mount path. 29 | ``` 30 | 31 | - The command **`kubectl create serviceaccount dashboard-sa`** is used to create a new ServiceAccount named 'dashboard-sa'. 32 | 33 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/11-TLS-Introduction.md: -------------------------------------------------------------------------------- 1 | # TLS Introduction 2 | 3 | - Take me to [Video Tutorial](https://kodekloud.com/topic/tls-introduction-2/) 4 | 5 | In this section we will take a look at `TLS Introduction`. 6 | 7 | - What are TLS certificates? 8 | - How does kubernetes use certificates? 9 | - How to generate them? 10 | - How to configure them? 11 | - How to view them? 12 | - How to troubleshoot issues related to certificates 13 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/13-TLS-in-Kubernetes.md: -------------------------------------------------------------------------------- 1 | # TLS in Kubernetes 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/tls-in-kubernetes-2/) 4 | 5 | In this section, we will take a look at `TLS in Kubernetes`. 6 | 7 | The two primary requirements are to have all the various services within the cluster to use server certificates and all clients to use client certificates to verify they are who they say they are. 8 | - Server Certificates for Servers 9 | - Client Certificates for Clients 10 | 11 | ![tls](../../images/tls.PNG) 12 | 13 | Let's look at the different components within the k8s cluster and identify the various servers and clients and who talks to whom. 14 | 15 | ![certs](../../images/certs.PNG) 16 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/15-View-Certificate-Details.md: -------------------------------------------------------------------------------- 1 | # View Certificate Details 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/view-certificate-details-2/) 4 | 5 | In this section, we will take a look at `View Certificate Details`. 6 | 7 | ## View Certs 8 | ![hrd](../../images/hrd.PNG) 9 | 10 | ![hrd1](../../images/hrd1.PNG) 11 | 12 | - To view the details of the certificate. 13 | ``` 14 | $ openssl x509 -in /etc/kubernetes/pki/apiserver.crt -text -noout 15 | ``` 16 | 17 | ![hrd2](../../images/hrd2.PNG) 18 | 19 | #### Follow the same procedure to identify information about all of the other certificates. 20 | 21 | ![hrd3](../../images/hrd3.PNG) 22 | 23 | ## Inspect Server Logs - Hardway setup 24 | - Inspect server logs using `journalctl` command. 25 | ``` 26 | $ journalctl -u etcd.service -l 27 | ``` 28 | 29 | ![hrd4](../../images/hrd4.PNG) 30 | 31 | ## Inspect Server Logs - kubeadm setup 32 | - View logs using `kubectl` tool. 33 | ``` 34 | $ kubectl logs etcd-master 35 | ``` 36 | ![hrd5](../../images/hrd5.PNG) 37 | 38 | - View logs using `docker ps` and `docker logs` command. 39 | ``` 40 | $ docker ps -a 41 | $ docker logs 42 | ``` 43 | ![hrd6](../../images/hrd6.PNG) 44 | 45 | #### K8s Reference Docs 46 | 47 | - https://kubernetes.io/docs/setup/best-practices/certificates/#certificate-paths 48 | 49 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/21-API-Groups.md: -------------------------------------------------------------------------------- 1 | # API-Groups 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/api-groups-2/) 4 | 5 | In this section, we will take a look at `API-Groups`. 6 | 7 | ## To return version and list pods via API's 8 | 9 | ![api3](../../images/api3.PNG) 10 | 11 | - The kubernetes API is grouped into multiple such groups based on their purpose. Such as one for **`APIs`**, one for **`healthz`**, **`metrics`** and **`logs`** etc. 12 | 13 | ![api4](../../images/api4.PNG) 14 | 15 | ## API and APIs 16 | - These APIs are categorized into two. 17 | - The core group - Where all the functionality exists 18 | 19 | ![api5](../../images/api5.PNG) 20 | 21 | - The Named group - More organized and going forward all the newer features are going to be made available to these named groups. 22 | 23 | ![api6](../../images/api6.PNG) 24 | 25 | - To list all the api groups 26 | 27 | ![api7](../../images/api7.PNG) 28 | 29 | ## Note on accessing the kube-apiserver 30 | - You have to authenticate by passing the certificate files. 31 | 32 | ![api8](../../images/api8.PNG) 33 | 34 | - An alternate is to start a **`kubeproxy`** client 35 | 36 | ![api9](../../images/api9.PNG) 37 | 38 | ## kube proxy vs kubectl proxy 39 | 40 | ![kp](../../images/kp.PNG) 41 | 42 | ## Key Takeaways 43 | 44 | ![api10](../../images/api10.PNG) 45 | 46 | #### K8s Reference Docs 47 | 48 | - https://kubernetes.io/docs/concepts/overview/kubernetes-api/ 49 | - https://kubernetes.io/docs/reference/using-api/api-concepts/ 50 | - https://kubernetes.io/docs/tasks/extend-kubernetes/http-proxy-access-api/ 51 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/22-Authorization.md: -------------------------------------------------------------------------------- 1 | # Authorization 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/authorization-2/) 4 | 5 | In this section, we will take a look at `Authorization`. 6 | 7 | ## Why do you need Authorization in your cluster? 8 | - As an admin, you can do all operations 9 | ``` 10 | $ kubectl get nodes 11 | $ kubectl get pods 12 | $ kubectl delete node worker-2 13 | ``` 14 | 15 | ![at1](../../images/at1.PNG) 16 | 17 | ## Authorization Mechanisms 18 | - There are different authorization mechanisms supported by kubernetes 19 | - Node Authorization 20 | - Attribute-based Authorization (ABAC) 21 | - Role-Based Authorization (RBAC) 22 | - Webhook 23 | 24 | ## Node Authorization 25 | 26 | ![node-auth](../../images/node-auth.png) 27 | 28 | ## ABAC 29 | 30 | ![abac](../../images/abac.PNG) 31 | 32 | ## RBAC 33 | 34 | ![rbac](../../images/rbac.PNG) 35 | 36 | ## Webhook 37 | 38 | ![webhook](../../images/webhook.PNG) 39 | 40 | ## Authorization Modes 41 | - The mode options can be defined on the kube-apiserver 42 | 43 | ![mode](../../images/mode.PNG) 44 | 45 | - When you specify multiple modes, it will authorize in the order in which it is specified 46 | 47 | ![mode1](../../images/mode1.PNG) 48 | 49 | 50 | #### K8s Reference Docs 51 | 52 | - https://kubernetes.io/docs/reference/access-authn-authz/authorization/ 53 | 54 | 55 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/27-Kubelet-Security.md: -------------------------------------------------------------------------------- 1 | # Kubelet Security 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/kubelet-security/) 4 | 5 | In this section, we will take a look at `Kubelet Security`. 6 | 7 | - Kubelet is not installed by kubeadm. 8 | - A subset of the Kubelet's configuration parameters may be set via an on-disk config file, as a substitute for command-line flags and providing parameters via a config file is the recommended. 9 | ![kubelet](../../images/kubeletConfig.png) 10 | 11 | - Kubelet expose HTTPS endpoints which grant powerful control over the node and containers. By default, Kubelet allow unauthenticated access to this API. 12 | 13 | - Production clusters should enable Kubelet authentication and authorization. 14 | 15 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/29-Kubectl-Proxy-Port-Forward.md: -------------------------------------------------------------------------------- 1 | # Kubectl Proxy & Port Forward 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/kubectl-proxy-port-forward/) 4 | 5 | In this section, we will take a look at `Kubectl Proxy` & `Port Forward`. 6 | 7 | - Kubectl handles locating and authenticating to the apiserver. If you want to directly access the REST API with a http client like curl or wget, or a browser, there are several ways to locate and authenticate: 8 | 9 | - Run kubectl in proxy mode. 10 | - Uses stored apiserver location. 11 | - Verifies identity of apiserver using self-signed cert. 12 | 13 | 14 | #### Using kubectl proxy 15 | The following command runs kubectl in a mode where it acts as a reverse proxy. It handles locating the apiserver and authenticating. 16 | 17 | kubectl proxy --port=8080 18 | 19 | 20 | #### Using kubectl port-forward 21 | kubectl port-forward allows using resource name, such as a pod name, to select a matching pod to port forward to. 22 | 23 | kubectl port-forward service/nginx 28080:80 24 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/31-Kubernetes-Dashboard.md: -------------------------------------------------------------------------------- 1 | # Kubernetes Dashboard 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/kubernetes-dashboard/) 4 | 5 | 6 | In this section, we will take a look at `Kubernetes Dashboard`. 7 | 8 | - Dashboard is a web-based Kubernetes user interface. You can use Dashboard to deploy containerized applications to a Kubernetes cluster, troubleshoot your containerized application, and manage the cluster resources. You can use Dashboard to get an overview of applications running on your cluster, as well as for creating or modifying individual Kubernetes resources (such as Deployments, Jobs, DaemonSets, etc). For example, you can scale a Deployment, initiate a rolling update, restart a pod or deploy new applications using a deploy wizard. 9 | 10 | ![k8sDashboard](../../images/k8sDashboard.png) 11 | 12 | - Kubernetes Dashboard is accessible to anyone by default. 13 | 14 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/32-Securing-Kubernetes-Dashboard.md: -------------------------------------------------------------------------------- 1 | # Securing Kubernetes Dashboard 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/securing-kubernetes-dashboard/) 4 | 5 | In this section, we will take a look at `Securing Kubernetes Dashboard`. 6 | 7 | - Dashboard supports logging in with a Bearer Token and KubeConfig. 8 | 9 | ![k8sDashboard](../../images/k8sauth.png) 10 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/34-Verify-platform-binaries-before-deploying.md: -------------------------------------------------------------------------------- 1 | # Verify platform binaries before deploying 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/verify-platform-binaries-before-deploying/) 4 | 5 | In this section, we will take a look at `Verify platform binaries before deploying`. 6 | 7 | - K8s Reference docs 8 | 9 | - https://kubernetes.io/docs/setup/release/notes/ 10 | - https://github.com/kubernetes/kubernetes/tree/master/CHANGELOG 11 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/35-Labs-Verify-platform-binaries-before-deploying.md: -------------------------------------------------------------------------------- 1 | # Lab - Verify Platform Binaries before deploying 2 | 3 | - Take me to the [Lab](https://kodekloud.com/topic/labs-verify-platform-binaries/) 4 | 5 | Solutions to Lab - Verify Platform Binaries before deploying. 6 | 7 | - Run command 8 | 9 |
10 | 11 | ``` 12 | $ wget -O /opt/kubernetes.tar.gz https://dl.k8s.io/v1.20.0/kubernetes.tar.gz 13 | 14 | ``` 15 |
16 | 17 | - Run command 18 | 19 |
20 | 21 | ``` 22 | $ shasum -a512 /opt/kubernetes.tar.gz 23 | 24 | ``` 25 |
26 | 27 | - Run 28 | 29 |
30 | 31 | ``` 32 | 33 | $ cd /opt/ 34 | 35 | $ tar -xf kubernetes.tar.gz 36 | 37 | $ cd kubernetes 38 | 39 | $ echo "v1.20.0-modified" > version 40 | 41 | $ cd .. 42 | 43 | $ tar -czf kubernetes-modified.tar.gz kubernetes 44 | 45 | $ shasum -a512 kubernetes-modified.tar.gz 46 | 47 | ``` 48 |
49 | 50 | - Run command 51 | 52 |
53 | 54 | ``` 55 | $ shasum -a512 /opt/kubernetes.tar.gz 56 | 57 | ``` 58 |
59 | 60 | 61 | 62 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/36-Kubernetes-Software-Versions.md: -------------------------------------------------------------------------------- 1 | # Kubernetes Software Versions 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/kubernetes-software-versions-2/) 4 | 5 | In this section, we will take a look at `Kubernetes Software Versions`. 6 | 7 | - Kubernetes release version consists of three parts. 8 | 9 | ![k8sRelease](../../images/k8sRelease.png) 10 | 11 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/38-Demo-Cluster-Upgrade-Process.md: -------------------------------------------------------------------------------- 1 | # Demo Cluster Upgrade Process 2 | 3 | - Take me to the [Demo](https://kodekloud.com/topic/demo-cluster-upgrade-2/) 4 | 5 | In this section, we will take a look at `Demo Cluster Upgrade Process`. 6 | 7 | - Reference https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade/ 8 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/40-Network-Policy.md: -------------------------------------------------------------------------------- 1 | # Network Policy 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/network-policy/) 4 | 5 | In this section, we will take a look at `Network Policy`. 6 | 7 | #### Traffic flowing through a webserver serving frontend to users an app server serving backend API and a database server 8 | 9 | ![traffic](../../images/traffic.PNG) 10 | 11 | - There are two types of traffic 12 | - Ingress 13 | - Egress 14 | 15 | ![ing1](../../images/ing1.PNG) 16 | 17 | ![ing2](../../images/ing2.PNG) 18 | 19 | ## Network Security 20 | 21 | ![nsec](../../images/nsec.PNG) 22 | 23 | ## Network Policy 24 | 25 | ![npol](../../images/npol.PNG) 26 | 27 | ![npol1](../../images/npol1.PNG) 28 | 29 | ## Network Policy Selectors 30 | 31 | ![npolsec](../../images/npolsec.PNG) 32 | 33 | ## Network Policy Rules 34 | 35 | ![npol2](../../images/npol2.PNG) 36 | 37 | ## Create network policy 38 | 39 | - To create a network policy 40 | ``` 41 | apiVersion: networking.k8s.io/v1 42 | kind: NetworkPolicy 43 | metadata: 44 | name: db-policy 45 | spec: 46 | podSelector: 47 | matchLabels: 48 | role: db 49 | policyTypes: 50 | - Ingress 51 | ingress: 52 | - from: 53 | - podSelector: 54 | matchLabels: 55 | role: api-pod 56 | ports: 57 | - protocol: TCP 58 | port: 3306 59 | ``` 60 | ``` 61 | $ kubectl create -f policy-definition.yaml 62 | ``` 63 | 64 | ![npol3](../../images/npol3.PNG) 65 | 66 | ![npol4](../../images/npol4.PNG) 67 | 68 | ## Note 69 | 70 | ![note1](../../images/note1.PNG) 71 | 72 | #### K8s Reference Docs 73 | - https://kubernetes.io/docs/concepts/services-networking/network-policies/ 74 | - https://kubernetes.io/docs/tasks/administer-cluster/declare-network-policy/ 75 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/41-Developing-Network-Policies.md: -------------------------------------------------------------------------------- 1 | # Developing Network Policies 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/developing-network-policies-3/) 4 | 5 | In this section, we will take a look at `Developing Network Policies`. 6 | 7 | ## Create network policy 8 | 9 | - ![NP](../../images/k8sNP.png) 10 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/45-Ingress-Annotations-and-rewrite-target.md: -------------------------------------------------------------------------------- 1 | # Ingress Annotations and rewrite-target 2 | 3 | - Take me to the [Tutorial](https://kodekloud.com/topic/ingress-annotations-and-rewrite-target-2/) 4 | 5 | In this section, we will take a look at `Ingress Annotations and rewrite-target`. 6 | 7 | 8 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/47-Docker-Service-Configuration.md: -------------------------------------------------------------------------------- 1 | # Docker Service Configuration 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/docker-service-configuration-2/) 4 | 5 | In this section, we will take a look at `Docker Service Configuration`. 6 | 7 | ### Check Docker service status 8 | 9 | ![dockerSVC](../../images/dockerSVC.png) 10 | 11 | 12 | ### Docker Daemon Configuration File 13 | 14 | ![dockerDaemon](../../images/dockerDaemon1.png) 15 | -------------------------------------------------------------------------------- /docs/03-Cluster-Setup-and-Hardening/48-Docker-Securing-the-Daemon.md: -------------------------------------------------------------------------------- 1 | # Docker Securing the Daemon 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/docker-securing-the-daemon/) 4 | 5 | In this section, we will take a look at `Docker Securing the Daemon`. 6 | 7 | ### Secure Docker Server 8 | ![dockerSecure](../../images/dockerSecure.png) 9 | 10 | -------------------------------------------------------------------------------- /docs/04-System-Hardening/01-Section-Introduction.md: -------------------------------------------------------------------------------- 1 | # Section Introduction 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/section-introduction-6/) 4 | 5 | In this section, we will take a look at `System Hardening`. 6 | 7 | ![section4Intro](../../images/section4Intro.png) 8 | -------------------------------------------------------------------------------- /docs/04-System-Hardening/02-Least-Privilege-Principle.md: -------------------------------------------------------------------------------- 1 | # Least Privilege Principle 2 | 3 | - Take me to the [Video Tutuorial](https://kodekloud.com/topic/least-privilege-principle/) 4 | 5 | In this section, we will take a look at `Least Privilege Principle`. 6 | 7 | ### Secure Kubernetes Infrastructure using Least Privilege 8 | 9 | ![leastPrivileges](../../images/leastPrivileges.png) 10 | -------------------------------------------------------------------------------- /docs/04-System-Hardening/03-Minimize-host-OS-footprint-Intro.md: -------------------------------------------------------------------------------- 1 | # Minimize host OS footprint Intro 2 | 3 | - Take me to the [Video Tutuorial](https://kodekloud.com/topic/minimize-host-os-footprint-intro/) 4 | 5 | In this section, we will take a look at `Minimize host OS footprint Intro`. 6 | 7 | ### Reducing the attack surface on host 8 | 9 | - One way to limit the threat to reduce the attack surface is to keep all systems in the cluster in a consistent secure state. 10 | 11 | Some of the ways to decrease the complexity of the nodes are 12 | - Use the principle of least privilege so that systems, including Nodes, the software running on them, Kubernetes components and workloads only have the bare minimum access. 13 | 14 | - Make sure only the “Required” software is installed on the host. 15 | - Limit the users and accounts that can access the host. 16 | 17 | - Ensure unwanted services are not exposed. 18 | 19 | - Ensure Kernel Modules cannot be loaded post boot. 20 | 21 | - Identify and fix any open port on the system. 22 | -------------------------------------------------------------------------------- /docs/04-System-Hardening/04-Limit-Node-Access.md: -------------------------------------------------------------------------------- 1 | # Limit Node Access 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/limit-node-access/) 4 | 5 | In this section, we will take a look at `Limit Node Access`. 6 | 7 | ### The Four types of user accounts in linux 8 | 9 | - The user account refers to individuals who need access to the Linux system. 10 | 11 | - A super user account is the root, which has UID 0. 12 | 13 | - System accounts are typically created during the OS installation. 14 | 15 | - Service accounts are similar to system accounts and created when services are installed in linux. Such as an nginx service that makes use of a service account called nginx. 16 | 17 | ### Access control files in Linux 18 | 19 | - Most of the access control files in Linux are stored under the `/etc` directory. 20 | 21 | - The first one of interest is the `/etc/passwd` file which is also commonly known as the password file. This file contains basic information about the users in the system, including the username,UID/GID, home directory and their default shell. 22 | 23 | - The passwords are stored in the next file and we are going to see `/etc/shadow` file. The contents of this file are hashed. 24 | 25 | - The /etc/group file stores information about all user groups on the system such as the group name and GID and members. 26 | -------------------------------------------------------------------------------- /docs/04-System-Hardening/05-lab-Limit-Node-Access.md: -------------------------------------------------------------------------------- 1 | # Lab - Limit Node Access 2 | 3 | - Take me to the [Lab](https://kodekloud.com/topic/lab-limit-node-access/) 4 | 5 | Solutions Lab - Limit Node Access: 6 | 7 | - **`0`** is the UID of superuser - root 8 | 9 | - **`/etc/passwd`** is the file containing details about users in Linux. 10 | 11 | - We have a user account named mail on the controlplane host. What kind of user account is it 12 |
13 | 14 | ``` 15 | System account 16 | ``` 17 |
18 | 19 | - We have created a user named david on the controlplane host. What is the uid of this user? 20 |
21 | 22 | ``` 23 | Look at the file /etc/passwd and identify ID of david 24 | OR 25 | run as a root 26 | $ id david 27 | 2323 28 | ``` 29 |
30 | 31 | - Run 32 |
33 | 34 | ``` 35 | As a root run 36 | 37 | $ passwd david 38 | 39 | and then enter the password 40 | ``` 41 |
42 | 43 | - Run 44 |
45 | 46 | ``` 47 | use those commands 48 | $ userdel ray 49 | $ groupdel devs 50 | and then enter the password 51 | ``` 52 |
53 | 54 | - To suspend the user account, Run 55 |
56 | 57 | ``` 58 | $ usermod -s /usr/sbin/nologin himanshi 59 | ``` 60 |
61 | 62 | 63 | - Run 64 |
65 | 66 | ``` 67 | $ useradd -d /opt/sam -s /bin/bash -G admin -u 2328 sam 68 | ``` 69 |
70 | 71 | 72 | -------------------------------------------------------------------------------- /docs/04-System-Hardening/06-SSH-Hardening.md: -------------------------------------------------------------------------------- 1 | # SSH Hardening 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/ssh-hardening/) 4 | 5 | In this section, we will take a look at `SSH Hardening`. 6 | 7 | - SSH is used for logging into a remote machine and for executing commands on a remote machine. 8 | 9 | - The basic syntax of doing this is to run the SSH command followed by the IP address or hostname of the server you want to connect to. 10 | 11 | ![k8sSSH](../../images/k8sSSH.png) 12 | 13 | - A more secure way is to make use of a cryptographic key pair that uses private and public keys to authenticate to the system. 14 | 15 | - To improve the security of the system: 16 | 17 | - Disable SSH for the root account. This ensures that no one can login remotely using the root account and only as their own user account 18 | 19 | ![sshHarderning](../../images/sshHarderning.png) 20 | -------------------------------------------------------------------------------- /docs/04-System-Hardening/07-Privilege-Escalation-in-Linux.md: -------------------------------------------------------------------------------- 1 | # Privilege Escalation in Linux 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/privilege-escalation-in-linux/) 4 | 5 | In this section, we will take a look at `Privilege Escalation in Linux`. 6 | 7 | - The sudo command offers another approach to giving users administrative access. When trusted users precede an administrative command with sudo, they are prompted for their own password. 8 | 9 | - The default configuration for sudo is defined under `/etc/sudoers` file. 10 | 11 | ![sudo](../../images/sudo.png) 12 | -------------------------------------------------------------------------------- /docs/04-System-Hardening/09-Remove-Obsolete-Packages-and-Services.md: -------------------------------------------------------------------------------- 1 | # Remove Obsolete Packages and Services 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/remove-obsolete-packages-and-services/) 4 | 5 | In this section, we will take a look at `Remove Obsolete Packages and Services`. 6 | 7 | - Keep the system as lean as possible by making sure that only the required software is installed and the ones that are installed are constantly updated to address security fixes. 8 | 9 | - The systemctl tool allows us to manage the systemd-services such as getting the status, starting and stopping the services. 10 | 11 | ![removepackage](../../images/removepackage.png) 12 | -------------------------------------------------------------------------------- /docs/04-System-Hardening/10-Restrict-Kernel-Modules.md: -------------------------------------------------------------------------------- 1 | # Restrict Kernel Modules 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/restrict-kernel-modules/) 4 | 5 | In this section, we will take a look at Restrict Kernel Modules. 6 | 7 | - The Linux Kernel has a modular design that allows the Kernel to extend its capabilities by the means of dynamically loaded kernel modules. 8 | 9 | - The sctp kernel module is not commonly used in Kubernetes cluster and can be black listed on the nodes by adding the following entry to the blacklist configuration file. 10 | 11 | ![restrictKernel](../../images/restrictKernel.png) 12 | 13 | -------------------------------------------------------------------------------- /docs/04-System-Hardening/11-Identify-and-Disable-Open-Ports.md: -------------------------------------------------------------------------------- 1 | # Identify and Disable Open Ports 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/identify-and-disable-open-ports/) 4 | 5 | In this section, we will take a look at `Identify and Disable Open Ports`. 6 | 7 | - To check if a port is used and listen for connection requests, you can make use of the `netstat` command. 8 | 9 | ![netstat](../../images/netstat.png) 10 | 11 | - Kubernetes required ports 12 | 13 | ![requiredPorts](../../images/requiredPorts.png) 14 | 15 | 16 | ### Reference 17 | 18 | https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#check-required-ports 19 | -------------------------------------------------------------------------------- /docs/04-System-Hardening/13-Minimize-IAM-roles.md: -------------------------------------------------------------------------------- 1 | # Minimize IAM Roles 2 | 3 | - Take me to [Video Tutorial](https://kodekloud.com/topic/minimize-iam-roles/) 4 | 5 | In this section, we will take a look at `Minimize IAM Roles`. 6 | 7 | - As a standard when a user is just created, Cloud Providers assign the least privilege permission to the user. 8 | 9 | - When you first create an Amazon Web Services (AWS) account, you begin with a single sign-in identity that has complete access to all AWS services and resources in the account. This identity is called the **`AWS account root user`** and is accessed by signing in with the email address and password that you used to create the account. 10 | 11 | - An IAM Group is a collection of users which allows us to specify permissions to multiple users at once. 12 | 13 | 14 | -------------------------------------------------------------------------------- /docs/04-System-Hardening/14-Minimize-external-access-to-the-network.md: -------------------------------------------------------------------------------- 1 | # Minimize external access to the network 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/minimize-external-access-to-the-network/) 4 | 5 | In this section, we will take a look at `Minimize external access to the network`. 6 | 7 | - In a real-world environment that has many different clients and many different servers all connected through a large network with many different switches and routers, it is important that we implement network security to allow or restrict access to the various services and ports. Such as which servers allow SSH access or which servers can access what services on what port etc. 8 | 9 | - We can apply such security either network wide using external firewalls or appliances such as Cisco ASA, Juniper NextGen Firewall, Barracuda NextGen Firewall, Fortinet etc. 10 | 11 | ![restrictNetwork](../../images/restrictNetwork.png) 12 | 13 | 14 | 15 | -------------------------------------------------------------------------------- /docs/04-System-Hardening/15-UFW-Firewall-Basics.md: -------------------------------------------------------------------------------- 1 | # UFW Firewall Basics 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/ufw-firewall-basics/) 4 | 5 | In this section, we will take a look at `UFW Firewall Basics`. 6 | 7 | - UFW which stands for Uncomplicated Firewall. UFW is a simple frontend interface for Iptables, which as the name suggests provides a simple and easy to use interface to set up firewall rules. 8 | 9 | - iptables is perhaps the most common tools used to configure the firewall 10 | 11 | ### UFW Rules 12 | 13 | ufw status 14 | 15 | ufw default allow outgoing 16 | 17 | ufw default deny incoming 18 | 19 | ![fwRules](../../images/fwRules.png) 20 | 21 | ### Allowed & denied Rules 22 | add an allow rule to permit SSH connections from the jump server with the IP 172.16.238.5 23 | 24 | ufw allow from 172.16.238.5 to any port 22 proto tcp 25 | 26 | 27 | ![allowedRules.png](../../images/allowed.png) 28 | 29 | ### Delete Rules 30 | 31 | ufw delete deny 8080 32 | 33 | ufw status 34 | 35 | ufw delete 5 36 | 37 | ![delete.png](../../images/delete.png) 38 | -------------------------------------------------------------------------------- /docs/04-System-Hardening/17-Linux-Syscalls.md: -------------------------------------------------------------------------------- 1 | # Linux Syscalls 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/linux-syscalls/) 4 | 5 | In this section, we will take a look at `Linux Syscalls`. 6 | 7 | - A kernel is the major component of an operating system and is the core interface between a computer’s hardware and its processes. 8 | 9 | - The Kernel can be divided into two memory areas, user space and kernel space. 10 | 11 | ![kernel](../../images/kernel.png) 12 | 13 | 14 | - Applications running in user space get access to data on devices by making special requests to the kernel called system calls. 15 | 16 | - If we want to create an empty file called error.login the /tmp file system – it will make several system calls. 17 | 18 | ![kernelTouch](../../images/kernelTouch.png) 19 | 20 | - Tracing the syscalls used by a process 21 | 22 | which trace 23 | strace touch /tmp/error.log 24 | 25 | ![trace](../../images/trace.png) 26 | -------------------------------------------------------------------------------- /docs/04-System-Hardening/18-AquaSecTracee.md: -------------------------------------------------------------------------------- 1 | # AquaSecTracee 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/aquasec-tracee/) 4 | 5 | In this section, we will take a look at `AquaSec Tracee`. 6 | 7 | - Tracee is a Runtime Security and forensics tool for Linux. It is using Linux eBPF technology to trace your system and applications at runtime, and analyze collected events to detect suspicious behavioral patterns. It is delivered as a Docker image that monitors the OS and detects suspicious behavior based on a predefined set of behavioral patterns. 8 | 9 | docker run --name tracee --rm --privileged -v /lib/modules/:/lib/modules/:ro -v /usr/src:/usr/src:ro -v /tmp/tracee:/tmp/tracee -it aquasec/tracee:0.4.0 --trace comm=ls 10 | 11 | ![tracee](../../images/tracee.png) 12 | 13 | 14 | ### References 15 | 16 | - https://github.com/aquasecurity/tracee 17 | -------------------------------------------------------------------------------- /docs/04-System-Hardening/19-Restrict-syscalls-using-seccomp.md: -------------------------------------------------------------------------------- 1 | # Restrict Syscalls using Seccomp 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/restrict-syscalls-using-seccomp/) 4 | 5 | In this section, we will take a look at `Restrict Syscalls using Seccomp`. 6 | 7 | - By default, the Linux kernel would allow any syscall to be invoked by programs running in the user space which can increase the attack surface. 8 | 9 | - Seccomp stands for secure computing and it is a Linux Kernel feature that can be used to sandbox applications to only use the syscalls they need. 10 | 11 | 12 | ### Seccomp Modes 13 | 14 | ![seccompModes](../../images/seccompModes.png) 15 | 16 | 17 | - Docker has a built-in seccomp filter that it uses by default whenever we create a container. 18 | 19 | ![seccompFilters](../../images/seccompFilters.png) 20 | 21 | 22 | 23 | ### References 24 | 25 | - https://github.com/moby/moby/tree/master/profiles/seccomp 26 | -------------------------------------------------------------------------------- /docs/04-System-Hardening/20-Implement-Seccomp-in-Kubernetes.md: -------------------------------------------------------------------------------- 1 | # Implement Seccomp in Kubernetes 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/implement-seccomp-in-kubernetes/) 4 | 5 | In this section, we will take a look at `Implement Seccomp in Kubernetes`. 6 | 7 | ### Seccomp in Docker 8 | 9 | docker run r.j3ss.co/amicontained amicontained 10 | ![seccompDocker](../../images/seccompdocker.png) 11 | 12 | 13 | ### Seccomp in Kubernetes 14 | 15 | kubectl run amicontained --image r.j3ss.co/amicontained amicontained -- amicontained 16 | 17 | kubectl logs amicontained 18 | ![seccompK8s](../../images/seccompk8s.png) 19 | 20 | apiVersion: v1 21 | kind: Pod 22 | metadata: 23 | labels: 24 | run: amicontained 25 | name: amicontained 26 | spec: 27 | securityContext: 28 | seccompProfile: 29 | type: RuntimeDefault 30 | containers: 31 | - args: 32 | - amicontained 33 | image: r.j3ss.co/amicontained 34 | name: amicontained 35 | securityContext: 36 | allowPrivilegeEscalation: false 37 | 38 | ![seccompk8sPod](../../images/seccompk8sPod.png) 39 | 40 | 41 | ### References 42 | 43 | - https://kubernetes.io/docs/tutorials/clusters/seccomp/ 44 | -------------------------------------------------------------------------------- /docs/04-System-Hardening/22-AppArmor.md: -------------------------------------------------------------------------------- 1 | # AppArmor 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/apparmor/) 4 | 5 | In this section, we will take a look at `AppArmor`. 6 | 7 | - **`AppArmor ("Application Armor")`** is a Linux kernel security module that allows the system administrator to restrict programs' capabilities with per-program profiles. Profiles can allow capabilities like network access, raw socket access, and the permission to read, write, or execute files on matching paths. 8 | 9 | - AppArmor is installed by default on the most Linux distribution. 10 | 11 | **`systemctl status apparmor`** 12 | 13 | 14 | - AppArmor confinement is provided via profiles loaded into the kernel. AppArmor can be set to either enforce the profile or complain when profile rules are violated. 15 | 16 | ![apparmorProfiles](../../images/apparmorProfiles.png) 17 | -------------------------------------------------------------------------------- /docs/04-System-Hardening/23-Creating-AppArmor-Profiles.md: -------------------------------------------------------------------------------- 1 | # Creation AppArmor Profiles 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/creating-apparmor-profiles/) 4 | 5 | In this section, we will take a look at `Creation AppArmor Profiles`. 6 | 7 | ### A simple bash script 8 | 9 | #!/bin/bash 10 | data_directory=/opt/app/data 11 | mkdir -p ${data_directory} 12 | echo "=> File created at `date`" | tee $(data_directory) create.log 13 | 14 | 15 | 16 | ![simpleBashScript](../../images/simpleBashScript.png) 17 | 18 | 19 | ### Install AppArmor utils package 20 | 21 | sudo apt install apparmor-utils -y 22 | 23 | 24 | ### Create a profile for bash script 25 | 26 | aa-genprof /root/add_data.sh 27 | 28 | ![apparmorprofileBash](../../images/apparmorprofileBash.png) 29 | 30 | 31 | ### Run a bash script from a different window 32 | 33 | ./add_data.sh 34 | -------------------------------------------------------------------------------- /docs/04-System-Hardening/24-AppArmor-in-Kubernetes.md: -------------------------------------------------------------------------------- 1 | # AppArmor in Kubernetes 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/apparmor-in-kubernetes/) 4 | 5 | In this section, we will take a look at `AppArmor in Kubernetes`. 6 | 7 | - Kubernetes version is at least v1.4 -- Kubernetes support for AppArmor was added in v1.4. Kubernetes components older than v1.4 are not aware of the new AppArmor annotations and will silently ignore any AppArmor settings that are provided. 8 | 9 | 10 | ### References 11 | 12 | - https://kubernetes.io/docs/tutorials/clusters/apparmor/#example 13 | -------------------------------------------------------------------------------- /docs/04-System-Hardening/25-Linux-Capabilities.md: -------------------------------------------------------------------------------- 1 | # Linux Capabilities 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/linux-capabilities/) 4 | 5 | In this section, we will take a look at `Linux Capabilities`. 6 | 7 | - Linux capabilities provide a finer grained breakdown of the privileges traditionally associated with the superuser. 8 | 9 | ![linuxCap](../../images/linuxCap.png) 10 | 11 | 12 | ### Linux Capabilities in kubernetes 13 | 14 | - The **`date -s '19 APR 20120 22:00:00'`** command is not permitted 15 | 16 | kubectl run --rm -it ubuntu-sleeper --image=ubuntu -- bash 17 | 18 | ![linuxcapk8s1](../../images/linuxcapk8s1.png) 19 | 20 | apiVersion: v1 21 | kind: Pod 22 | metadata: 23 | name: ubuntu-sleeper 24 | spec: 25 | containers: 26 | - name: ubuntu-sleeper 27 | image: ubuntu 28 | command: ["sleep", "1000"] 29 | securityContext: 30 | capabilities: 31 | add: ["SYS_TIME"] 32 | 33 | 34 | kubectl apply -f ubuntu-sleeper.yml 35 | 36 | kubectl exec -it ubuntu-sleeper -- bash 37 | 38 | 39 | 40 | 41 | ![linuxcapk8s](../../images/linuxcapK8s.png) 42 | 43 | ### References 44 | 45 | - https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-capabilities-for-a-container 46 | -------------------------------------------------------------------------------- /docs/05-Minimize-Microservice-Vulnerabilities/01-Section-Introduction.md: -------------------------------------------------------------------------------- 1 | # Section Introduction 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/section-introduction-7/) 4 | 5 | In this section, we will take a look at `Section Minimize Microservice Vulnerabilities`. 6 | 7 | ![section5Intro](../../images/section5Intro.png) 8 | 9 | 10 | -------------------------------------------------------------------------------- /docs/05-Minimize-Microservice-Vulnerabilities/04-Admission-Controllers.md: -------------------------------------------------------------------------------- 1 | # Admission Controllers 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/admission-controllers/) 4 | 5 | In this section, we will take a look at `Admission Controllers`. 6 | 7 | - When a request comes in , say to create a pod, it goes through authentication, authorization and then through admission controllers before being created. 8 | 9 | - Kubernetes admission controllers are plugins that govern and enforce how the cluster is used. 10 | 11 | ![admissioncontroller](../../images/admissioncontroller1.png) 12 | 13 | 14 | ### With Admission Controllers, you can 15 | 16 | - Only permit images from a certain registry. 17 | - Don't permit runAs root user. 18 | - Only permit certain capabilities. 19 | - Pods always have labels. 20 | 21 | 22 | ### To see which admission plugins are enabled: 23 | 24 | kubectl exec kube-apiserver-controlplane -n kube-system -- kube-apiserver -h | grep enable-admission-plugins 25 | 26 | 27 | ### Add an admission controller NamespaceAutoProvision 28 | 29 | vim /etc/kubernetes/manifests/kube-apiserver.yaml 30 | 31 | update --enable-admission-plugins=NodeRestriction 32 | 33 | with --enable-admission-plugins=NodeRestriction,NamespaceAutoProvision 34 | 35 | 36 | - `--admission-control` was deprecated in 1.10 and replaced with `--enable-admission-plugins`. 37 | 38 | 39 | ### References 40 | 41 | - https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/ 42 | -------------------------------------------------------------------------------- /docs/05-Minimize-Microservice-Vulnerabilities/05-Labs-Admission-Controllers.md: -------------------------------------------------------------------------------- 1 | # Lab - Admission Controllers 2 | 3 | - Take me to the [Lab](https://kodekloud.com/topic/labs-admission-controllers/) 4 | 5 | Solutions Lab - Admission Controllers: 6 | 7 | - **`authenticate user`** is not a function of the admission controller. 8 | 9 | - **`NamespaceAutoProvision`** is an admission controller that is not enabled by default. 10 | 11 | - **`NodeRestriction`** is an enabled admission controller in this cluster and is normally disabled. 12 | 13 | - Run below command to deploy a pod with the nginx image in the blue namespace. 14 | 15 |
16 | 17 | ``` 18 | $ kubectl run nginx --image nginx -n blue 19 | ``` 20 |
21 | 22 | - The previous step failed because kubernetes have NamespaceExists admission controller enabled. 23 | 24 |
25 | 26 | ``` 27 | Add NamespaceAutoProvision admission controller to --enable-admission-plugins list to /etc/kubernetes/manifests/kube-apiserver.yaml 28 | It should be like 29 | 30 | - --enable-admission-plugins=NodeRestriction,NamespaceAutoProvision 31 | ``` 32 |
33 | 34 | - Run the below command to deploy a single pod with nginx image in the blue namespace 35 | 36 |
37 | 38 | ``` 39 | $ kubectl run nginx --image nginx -n blue 40 | ``` 41 |
42 | 43 | - Disable DefaultStorageClass admission controller. 44 | 45 |
46 | 47 | ``` 48 | Update /etc/kubernetes/manifests/kube-apiserver.yaml as below 49 | - --disable-admission-plugins=DefaultStorageClass 50 | ``` 51 |
52 | 53 | - Check the process to see enabled and disabled plugins. 54 | 55 |
56 | 57 | ``` 58 | $ ps -ef | grep kube-apiserver | grep admission-plugins 59 | ``` 60 |
61 | 62 | 63 | 64 | -------------------------------------------------------------------------------- /docs/05-Minimize-Microservice-Vulnerabilities/08-Pod-Security-Policies.md: -------------------------------------------------------------------------------- 1 | # Pod Security Policies 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/pod-security-policies/) 4 | 5 | In this section, we will take a look at `Pod Security Policies`. 6 | 7 | - Pod security policies help in defining policies to restrict pods from being created with specific capabilities or privileges. 8 | 9 | - PodSecurityPolicy plugin is not enabled by default. 10 | 11 | - When enabled the pod security policy admission controller observes all pod creation requests and validates the configuration against a set of pre-configured rules. If it detects a match that we have configured the request is rejected. 12 | 13 | 14 | ### Create a POD Security policy 15 | 16 | 17 | apiVersion: policy/v1beta1 18 | kind: PodSecurityPolicy 19 | metadata: 20 | name: example 21 | spec: 22 | privileged: false 23 | seLinux: 24 | rule: RunAsAny 25 | supplementalGroups: 26 | rule: RunAsAny 27 | runAsUser: 28 | rule: RunAsAny 29 | fsGroup: 30 | rule: RunAsAny 31 | 32 | ### References 33 | 34 | - https://kubernetes.io/docs/concepts/policy/pod-security-policy/ 35 | -------------------------------------------------------------------------------- /docs/05-Minimize-Microservice-Vulnerabilities/09-PSA-and-PSS.md: -------------------------------------------------------------------------------- 1 | # Pod Security Admission and Pod Security Standards 2 | 3 | Take me to the [Video Tutorial](https://kodekloud.com/topic/pod-security-admission-and-pod-security-standards/) 4 | 5 | Lecture: TODO 6 | 7 | -------------------------------------------------------------------------------- /docs/05-Minimize-Microservice-Vulnerabilities/12-Open-Policy-Agent-(OPA).md: -------------------------------------------------------------------------------- 1 | # Open Policy Agent (OPA) 2 | 3 | - Take me to the [Video Tutorials](https://kodekloud.com/topic/open-policy-agent-opa/) 4 | 5 | In this section, we will take a look at `Open Policy Agent (OPA)`. 6 | 7 | - OPA is an open source, general-purpose policy engine that unifies policy enforcement across the stack. OPA provides a high-level declarative language that lets you specify policy as code and simple APIs to offload policy decision-making from your software. You can use OPA to enforce policies in microservices, Kubernetes, CI/CD pipelines, API gateways, and more. 8 | 9 | 10 | ### Install OPA 11 | 12 | $ curl -L -o opa https://github.com/open-policy-agent/opa/releases/download/v0.27.1/opa_linux_amd64 13 | $ chmod 755 ./opa 14 | $ ./opa run -s & 15 | 16 | 17 | ### References 18 | 19 | How Netflix Is Solving Authorization Across Their Cloud [I] -Manish Mehta & TorinSandall, Netflix 20 | 21 | - https://www.youtube.com/watch?v=R6tUNpRpdnYOPA 22 | 23 | ### Deep Dive 24 | 25 | - https://www.youtube.com/watch?v=4mBJSIhs2xQ 26 | -------------------------------------------------------------------------------- /docs/05-Minimize-Microservice-Vulnerabilities/13-Labs-OPA.md: -------------------------------------------------------------------------------- 1 | # Lab - OPEN POLICY AGENT (OPA) 2 | 3 | - Take me to the [Lab](https://kodekloud.com/topic/labs-opa/) 4 | 5 | Solutions for Lab - OPA: 6 | 7 | - OPA stands for **`Open Policy Agent`**. 8 | 9 | - Install and run the latest OPA on the system in the background. 10 | 11 |
12 | 13 | ``` 14 | Update VERSION below with the latest version available in the release page 15 | $ export VERSION=v0.27.1 16 | $ curl -L -o opa https://github.com/open-policy-agent/opa/releases/download/${VERSION}/opa_linux_amd64 17 | $ chmod 755 ./opa 18 | $ ./opa run -s & 19 | ``` 20 |
21 | 22 | - **`8181`** is the default port on which OPA runs. 23 | 24 | - **`Rego`** is the language used to write policies in OPA. 25 | 26 | - Fix the error in the policy given at `/root/example.rego` 27 | 28 |
29 | 30 | ``` 31 | $ vi /root/example.rego 32 | Set "default allow = false" 33 | Run the below command to test policy 34 | $ ./opa test example.rego 35 | 36 | ``` 37 |
38 | 39 | - Load policy `/root/sample.rego` to OPA with the name samplepolicy. 40 | 41 |
42 | 43 | ``` 44 | Run Below command to import sample.rego in OPA 45 | $ curl -X PUT --data-binary @sample.rego http://localhost:8181/v1/policies/samplepolicy 46 | ``` 47 |
48 | -------------------------------------------------------------------------------- /docs/05-Minimize-Microservice-Vulnerabilities/14-OPA-Gatekeeper-in-Kubernetes.md: -------------------------------------------------------------------------------- 1 | # OPA Gatekeeper in Kubernetes 2 | 3 | - Take me to the [OPA Gate Keeper](https://kodekloud.com/topic/opa-in-kubernetes/) 4 | 5 | In this section, we will take a look at `OPA Gatekeeper in Kubernetes`. 6 | 7 | 8 | -------------------------------------------------------------------------------- /docs/05-Minimize-Microservice-Vulnerabilities/18-Container-Sandboxing.md: -------------------------------------------------------------------------------- 1 | # Container Sandboxing 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/container-sandboxing/) 4 | 5 | In this section, we will take a look at `Container Sandboxing`. 6 | 7 | ### Virtual Machine VS Container 8 | 9 | - Comparing a virtual machine to a container –one of the key differences is that all containers on a server -whether it’s a virtual machine or a physical server, share the same underlying kernel. 10 | 11 | - From the perspective of a host, it is just another process which is isolated from the host and other containers running on it. 12 | 13 | ![vm1](../../images/vm1.png) 14 | 15 | - The virtualized hardware isolation creates a much stronger security boundary than namespace isolation. The risk of an attacker escaping a container (process) is much higher than the chance of escaping a VM. The reason for higher container escaping risk lies on the weak isolation that namespace and cgroup create. Linux implements namespace and cgroup by associating new property fields to each process. These fields under the /proc file system tell the host OS if one process can see the other or how much the CPU/Memory budget that the process can use. 16 | -------------------------------------------------------------------------------- /docs/05-Minimize-Microservice-Vulnerabilities/19-gVisor.md: -------------------------------------------------------------------------------- 1 | # gVisor 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/gvisor/) 4 | 5 | In this section, we will take a look at `gVisor`. 6 | 7 | - gVisor is a tool from google that allows an additional layer of isolation between the container and the kernel. 8 | 9 | - When a program in a container wants to make a system call to the Linux kernel, it actually makes a call to gVisor now. 10 | 11 | - gVisor Sandbox consists of two major components that work together to achieve stronger isolation when compared to traditional containers.The first component is called **`sentry`** - which can be described as an independent application level kernel dedicated for containers. 12 | 13 | - The main purpose of Sentry is to intercept and respond to system calls made by the containerized application. 14 | 15 | - Sentry talks to a dedicated process called **`Gofer`** . 16 | 17 | - Gofer is a file proxy that implements the logic needed to give container apps access to system files. 18 | 19 | - Since system calls are received and processed via a middleman, this means there are more instructions the CPU has to go through. This can make the applications slightly slower as compared to traditional containers. 20 | 21 | ![gadvisor](../../images/gadvisor.png) 22 | 23 | 24 | 25 | -------------------------------------------------------------------------------- /docs/05-Minimize-Microservice-Vulnerabilities/20-kata-Containers.md: -------------------------------------------------------------------------------- 1 | # Kata Containers 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/kata-containers/) 4 | 5 | In this section, we will take a look at `Kata Containers`. 6 | 7 | - Kata takes a different approach to sandbox containers as compared to gVisor. 8 | 9 | - Kata inserts each container into its own, separate virtual machine. And each container will have its own, dedicated kernel running inside. 10 | 11 | - Just like with gVisor, this gets rid of the problems caused when all container apps communicate directly with the same operating system kernel. Now they each have their own little kernel to bother with, so if they crash it or abuse it in any way, it doesn't bring the whole system down; only that specific container will experience problems instead of all of them. 12 | 13 | - The Virtual Machines that are created by Kata are light weight and are focused on performance. 14 | 15 | - Since Kata containers need hardware virtualization support, this means that you might not be able to run them on your typical cloud service provider. 16 | 17 | - A cloud compute instance is already a virtual machine. So if you intend to use Kata you are basically trying to run a virtual machine inside another virtual machine. This is called **`nested virtualization`** which is not supported by many cloud providers. 18 | 19 | ![kata](../../images/kata1.png) 20 | -------------------------------------------------------------------------------- /docs/05-Minimize-Microservice-Vulnerabilities/22-Using-Runtimes-in-Kubernetes.md: -------------------------------------------------------------------------------- 1 | # Using Runtimes in Kubernetes 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/using-runtimes-in-kubernetes/) 4 | 5 | In this section, we will take a look at Using `Runtimes in Kubernetes`. 6 | 7 | ### How to instruct the pods to specifically make use of the gvisor runtime? 8 | 9 | gvisor.yaml 10 | 11 | apiVersion: node.k8s.io/v1 12 | kind: RuntimeClass 13 | metadata: 14 | name: gvisor 15 | handler: runsc 16 | 17 | 18 | **`kubectl create -f gvisor.yml`** 19 | 20 | Specify a runtimeClassName in the Pod spec: 21 | 22 | gvisor-nginx.yaml 23 | 24 | apiVersion: v1 25 | kind: Pod 26 | metadata: 27 | name: nginx 28 | spec: 29 | runtimeClassName: gvisor 30 | containers: 31 | - image: nginx 32 | name: nginx 33 | 34 | 35 | **`kubectl create -f gvisor-nginx.yaml`** 36 | 37 | ![gvisor-k8s.png](../../images/gvisor-k8s.png) 38 | -------------------------------------------------------------------------------- /docs/05-Minimize-Microservice-Vulnerabilities/25-Implement-pod-to-pod-encryption-by-use-of-mTLS.md: -------------------------------------------------------------------------------- 1 | # Implement pod to pod encryption by use of mTLS 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/implement-pod-to-pod-encryption-by-use-of-mtls/) 4 | 5 | In this section, we will take a look at `Implement pod to pod encryption by use of mTLS`. 6 | 7 | - It is better to let the communications between pods without encryption format and use other ways to add the encrypted format on top. 8 | 9 | - Istio and linkerd enable mutual Transport Layer Security (mTLS) for most TCP traffic between meshed pods. 10 | 11 | ![linkerd](../../images/linkerd.png) 12 | 13 | - You add Istio support to services by deploying a special sidecar proxy throughout your environment that intercepts all network communication between micro services. 14 | 15 | ![lstio1](../../images/lstio1.png) 16 | 17 | 18 | 19 | 20 | - Istio external inbound traffic, This traffic coming from an outside client that is captured by the sidecar. If the client is inside the mesh, this traffic may be encrypted with Istio mutual TLS. By default, the sidecar will be configured to accept both mTLS and non-mTLS traffic, known as **`PERMISSIVE mode`**. The mode can alternatively be configured to **`STRICT`**, where traffic must be mTLS, or DISABLE, where traffic must be plain text. 21 | 22 | ![lstio3](../../images/lstio3.png) 23 | 24 | ![lstio2](../../images/lstio22.png) 25 | -------------------------------------------------------------------------------- /docs/05-Minimize-Microservice-Vulnerabilities/z-13-OPA-in-Kubernetes-retired.md: -------------------------------------------------------------------------------- 1 | # OPA in Kubernetes 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/opa-in-kubernetes/) 4 | 5 | In this section, we will take a look at `OPA in Kubernetes`. 6 | 7 | - Instead of building our own admission controller server and writing the logic for validations, we now have OPA running and all our policies in it. So instead we connect our mutating or validating webhooks now to OPA. 8 | 9 | 10 | ### How does OPA know about the resources in Kubernetes? 11 | 12 | We can make that happen using the **`kubemanagement service`**. Kubemanagement is a service deployed as a sidecar container along with OPA and is used to replicate resource definitions from Kubernetes so they can be cached at OPA. This information can then be imported as we just saw and used to refer to objects in Kubernetes while developing policies. It is also used to load policies into OPA by simply creating a config map object in Kubernetes as opposed to loading the policies directly on OPA. 13 | 14 | 15 | ### References: 16 | 17 | - https://kubernetes.io/blog/2019/08/06/opa-gatekeeper-policy-and-governance-for-kubernetes/ 18 | 19 | - https://www.openpolicyagent.org/docs/v0.12.2/kubernetes-admission-control/ 20 | 21 | - https://www.openpolicyagent.org/docs/latest/kubernetes-tutorial/ 22 | 23 | - https://www.openpolicyagent.org/docs/v0.11.0/guides-kubernetes-admission-control/ 24 | 25 | - Good watch: https://www.youtube.com/watch?v=QU9BGPf0hBw 26 | 27 | 28 | -------------------------------------------------------------------------------- /docs/06-Supply-Chain-Security/01-Section-Introduction.md: -------------------------------------------------------------------------------- 1 | # Section Introduction 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/section-introduction-8/) 4 | 5 | In this section, we will take a look at `Section Introduction`. 6 | 7 | ![section6Intro](../../images/section6Intro.png) 8 | -------------------------------------------------------------------------------- /docs/06-Supply-Chain-Security/02-Minimize-base-image-footprint.md: -------------------------------------------------------------------------------- 1 | # Minimize Base Image Footprint 2 | 3 | - Take me to [Video Tutorial](https://kodekloud.com/topic/minimize-base-image-footprint/) 4 | 5 | In this section, we will take a look at `Minimize Base Image Footprint`. 6 | 7 | ### Base VS parent image 8 | 9 | - The httpd image itself is built from another image which happens to be the Debian image. 10 | 11 | - So the httpd image starts with the Debian image and then builds on to installing httpd on it. 12 | 13 | - The Debian image is built from SCRATCH. When an image is built from scratch it is called as the base image. 14 | 15 | ![parent](../../images/parent.png) 16 | 17 | ### Some of the best practices to be followed while building an image 18 | 19 | - Do not build images that combine multiple applications – such as a web server, database or other services all into one image. 20 | 21 | - Not storing stored data or state inside a container. This is because containers are ephemeral in nature. 22 | 23 | - You must look for images with authenticity. The official image or verified publisher tag indicates the image is from an official sources. 24 | 25 | - Create slim/minimal images. 26 | 27 | - Only install necessary packages. 28 | 29 | - Maintain different images for different environments: 30 | 31 | - Development - debug tools 32 | - Production 33 | 34 | - Use multi-stage builds. 35 | 36 | 37 | A minimal image is also less vulnerable to attack. For example a quick scan of vulnerability run on an httpd image using the trivy tool shows that there are atleast124 known vulnerabilities in it. But when run on an httpd alpine based image, we see that there are 0 vulnerabilities. The lesser packages there are within an image, the fewer vulnerabilities are. 38 | 39 | trivy image httpd 40 | 41 | trivy image httpd:alpine 42 | ![v1](../../images/V1.png) 43 | -------------------------------------------------------------------------------- /docs/06-Supply-Chain-Security/04-Labs-Image-Security.md: -------------------------------------------------------------------------------- 1 | # Lab - Image Security 2 | 3 | - Take me to the [Lab](https://kodekloud.com/topic/labs-image-security/) 4 | 5 | Solutions Lab - Image Security: 6 | 7 | - The **`nginx:alpine`** image is the application using. 8 | 9 | 10 | - Use the `kubectl edit deployment` command to edit the image name to `myprivateregistry.com:5000/nginx:alpine`. 11 | 12 |
13 | 14 | ``` 15 | $ kubectl edit deployment web 16 | ``` 17 | 18 |
19 | 20 | - Run the command `kubectl get pods` command and check the status of the pods. 21 | 22 |
23 | 24 | ``` 25 | $ kubectl get pods 26 | ``` 27 | 28 |
29 | 30 | - Create a secret object with the credentials required to access the registry. 31 | 32 |
33 | 34 | ``` 35 | 36 | $ kubectl create secret docker-registry private-reg-cred --docker-username=dock_user --docker-password=dock_password --docker-server=myprivateregistry.com:5000 --docker-email=dock_user@myprivateregistry.com 37 | ``` 38 |
39 | 40 | - Configure the deployment to use credentials from the new secret to pull images from the private registry 41 | 42 |
43 | 44 | ``` 45 | $ Edit deployment using kubectl edit deploy web command and add imagePullSecrets section. Use private-reg-cred 46 | ``` 47 | 48 |
49 | 50 | - To Check the status of PODs, Run 51 | 52 |
53 | 54 | ``` 55 | $ kubectl get pods 56 | ``` 57 |
58 | -------------------------------------------------------------------------------- /docs/06-Supply-Chain-Security/07-Use-static-analysis-of-user-workloads.md: -------------------------------------------------------------------------------- 1 | # Use static analysis of user workloads 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/use-static-analysis-of-user-workloads-e-g-kubernetes-resources-docker-files/) 4 | 5 | In this section, we will take a look at `Use static analysis of user workloads`. 6 | 7 | - Kubesec helps analyze a given resource definition file and returns a score along with details about the critical issues that were found in it. In this case it's rightly detected the issue with privileged containers. 8 | 9 | - To scan `pod.yaml` file. 10 | 11 | kubesec scan pod.yaml 12 | 13 | OR 14 | 15 | Use `curl` command to `POST` a file to the server as follows: 16 | 17 | curl -sSX POST --data-binary @"pod.yaml" https://v2.kubesec.io/scan 18 | 19 | 20 | -------------------------------------------------------------------------------- /docs/06-Supply-Chain-Security/08-Labs-kubesec.md: -------------------------------------------------------------------------------- 1 | # Lab - Kubesec 2 | 3 | - Take me to the [Lab](https://kodekloud.com/topic/labs-kubesec/) 4 | 5 | Solutions to Lab - Kubesec: 6 | 7 | - What is the kubesec plugin used for? 8 |
9 | 10 | ``` 11 | all of these 12 | ``` 13 |
14 | 15 | - To install kubesec plugin, Run 16 |
17 | 18 | ``` 19 | wget https://github.com/controlplaneio/kubesec/releases/download/v2.11.0/kubesec_linux_amd64.tar.gz 20 | 21 | tar -xvf kubesec_linux_amd64.tar.gz 22 | 23 | mv kubesec /usr/bin/ 24 | ``` 25 |
26 | 27 | - **`Bash`** format is NOT supported by kubesec. 28 | 29 | 30 | - We have a pod definition template `/root/node.yaml` on the controlplane host. Scan this template using kubesec and save the report in `/root/kubesec_report.json` file on the controlplane host itself. 31 |
32 | 33 | ``` 34 | # Run the command: 35 | kubesec scan /root/node.yaml > /root/kubesec_report.json 36 | 37 | 38 | Look into the report generated by the previous scan and identify the final status of the scan. 39 | 40 | Look for the message in the report. 41 | 42 | Answer: FAILED 43 | ``` 44 |
45 | 46 | - kubesec scan failed for pod definition file `/root/node.yaml`. Fix the issues in this file as per the suggestions in the scan report and make sure that the final kubesec scan status is passed. 47 |
48 | 49 | ``` 50 | In node.yaml, template change privileged: true to privileged: false under securityContext. 51 | ``` 52 |
-------------------------------------------------------------------------------- /docs/06-Supply-Chain-Security/10-Labs-Trivy.md: -------------------------------------------------------------------------------- 1 | # Lab - Trivy 2 | 3 | - Take me to the [Lab](https://kodekloud.com/topic/labs-trivy/) 4 | 5 | Solutions to Lab - Trivy: 6 | 7 | 1. 8 |
9 | 10 | ``` 11 | apt-get update 12 | apt-get install -y wget apt-transport-https gnupg lsb-release 13 | wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add - 14 | echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list.d/trivy.list 15 | 16 | #Update Repo and Install trivy 17 | apt-get update 18 | apt-get install trivy -y 19 | ``` 20 |
21 | 22 | 23 | 2. 24 |
25 | 26 | ``` 27 | trivy image 28 | ``` 29 |
30 | 31 | 3. 32 |
33 | 34 | ``` 35 | Yes 36 | ``` 37 |
38 | 39 | 4. 40 |
41 | 42 | ``` 43 | Network 44 | ``` 45 |
46 | 47 | 5. 48 |
49 | 50 | ``` 51 | 0.17.2 52 | ``` 53 |
54 | 55 | 6. 56 |
57 | 58 | ``` 59 | Ok 60 | ``` 61 |
62 | 63 | 7. 64 |
65 | 66 | ``` 67 | docker pull python:3.10.0a4-alpine 68 | 69 | trivy image --output /root/python_alpine.txt python:3.10.0a4-alpine 70 | ``` 71 |
72 | 73 | 8. 74 |
75 | 76 | ``` 77 | trivy image --severity HIGH --output /root/python.txt python:3.10.0a4-alpine 78 | ``` 79 |
80 | 81 | 9. 82 |
83 | 84 | ``` 85 | trivy image --input alpine.tar --format json --output /root/alpine.json 86 | ``` 87 |
88 | 89 | 90 | 91 | -------------------------------------------------------------------------------- /docs/07-Monitoring,-Logging-and-Runtime-Security/01-Section-Introduction.md: -------------------------------------------------------------------------------- 1 | # Section Introduction 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/section-introduction-9/) 4 | 5 | In this section, we will take a look at `Section Introduction`. 6 | 7 | ![section7Intro](../../images/section7Intro.png) 8 | 9 | 10 | -------------------------------------------------------------------------------- /docs/07-Monitoring,-Logging-and-Runtime-Security/02-Perform-behavioral-analytics-of-syscall-process.md: -------------------------------------------------------------------------------- 1 | # Perform behavioral analytics of syscall process 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/perform-behavioral-analytics-of-syscall-process/) 4 | 5 | In this section, we will take a look at `Perform behavioral analytics of syscall processes`. 6 | 7 | - It might seem that if an attacker already got into our systems, it's already too late and all is lost. However, this may not necessarily be true. 8 | 9 | - The sooner we find out about something that went wrong, the better it is. 10 | 11 | - Falco, the cloud-native runtime security project, is the de facto Kubernetes threat detection engine. 12 | 13 | - In the earlier sections of the course, we learned about syscalls in detail and saw how tools like strace and aquasec tracee can be used to analyze the syscalls that are used by the application inside a pod. When we have hundreds of applications running on several hundred pods generating thousands of syscalls. It is quite meaningless to just monitor the syscalls. What we need is a way to analyze the syscalls and filter events that are suspicious. falco can capture this event and then send alerts using various notification channels. 14 | 15 | ![falco1](../../images/falco1.png) 16 | 17 | 18 | 19 | ## References 20 | 21 | - https://falco.org/ 22 | -------------------------------------------------------------------------------- /docs/07-Monitoring,-Logging-and-Runtime-Security/04-Use-Falco-to-Detect-Threats.md: -------------------------------------------------------------------------------- 1 | # Use Falco to Detect Threats 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/use-falco-to-detect-threats-2/) 4 | 5 | In this section, we will take a look at `Use Falco to Detect Threats`. 6 | 7 | - Falco implements several rules by default - one of which alerted us that a shell was opened inside a container and another one that warned us that sensitive files read inside the container. 8 | 9 | - A Falco rules file is a YAML. 10 | 11 | ### Detect Shell inside a container rule 12 | 13 | rules.yaml 14 | 15 | - rule: Detect shell inside a container 16 | desc: Alert if a shell such as bash is open inside the container 17 | condition: container.id != host and proc.name = bash 18 | output: Bash opened (user=%user.name container=%container.id) 19 | priority: WARNING 20 | 21 | - The **`container.id`** and **`proc.name`** are known as **`Sysdig filters`** and they are extensively used by Falco. The Falco Policy engine makes use of these filters to extract information about an event such as the container ID, process name and several other. 22 | 23 | - Container.id filters the name of the container. 24 | 25 | - Proc.name–the name of the process. 26 | 27 | 28 | - In this previous we have used the value as **`WARNING`** but depending on the severity we can change them to any of –debug, informational, notice, warning,error, Critical alert,or emergency. 29 | 30 | ![falcoRules](../../images/falcoRules.png) 31 | 32 | 33 | 34 | 35 | ### References 36 | 37 | - https://falco.org/docs/rules/supported-fields/ 38 | -------------------------------------------------------------------------------- /docs/07-Monitoring,-Logging-and-Runtime-Security/07-Mutable-vs-Immutable-Infrastructure-Mutable-vs-Immutable-Infrastructure.md: -------------------------------------------------------------------------------- 1 | # Mutable vs Immutable Infrastructure 2 | 3 | - Take me to the [Video Tutorial](https://kodekloud.com/topic/mutable-vs-immutable-infrastructure-2/) 4 | 5 | In this section, we will take a look at `Mutable vs Immutable Infrastructure`. 6 | 7 | - Immutable means unchanged or something you cannot change. As a consequence, with immutable infrastructure, we cannot carry out in place updates of the resources. 8 | 9 | - The containers are designed keeping immutability in mind. 10 | -------------------------------------------------------------------------------- /docs/08-Mock-Exams/01-Mock-Exams-Introduction.md: -------------------------------------------------------------------------------- 1 | # Mock Exams Introduction 2 | 3 | - Take me to the [Mock Exams Introduction](https://kodekloud.com/topic/mock-exams-introduction/) 4 | 5 | In this section, we will take a look at `Mock Exams` Introduction. 6 | 7 | 8 | These exams were built to give you a real exam like feel in terms of your ability to read and interpret a given question, validate your own work, manage time to complete given tasks within the given time, and see where you went wrong. 9 | 10 | Having said that: 11 | 12 | - Please note that this exam is not a replica of the actual exam 13 | 14 | - Please note that the questions in these exams are not the same as in the actual exam 15 | 16 | - Please note that the interface is not the same as in the actual exam 17 | 18 | - Please note that the scoring system may not be the same as in the actual exam 19 | 20 | - Please note that the difficulty level may not be the same as in the actual exam 21 | -------------------------------------------------------------------------------- /docs/09-cks-challenges/README.md: -------------------------------------------------------------------------------- 1 | # CKS Challenges 2 | 3 | This series consists of a set of complex challenges that will assist you in mastering Kubernetes Security concepts and getting ready for the coveted Certified Kubernetes Security Specialist Certification. 4 | 5 | These challenges will test you on Kubernetes security concepts such as network policies, RBAC, seccomp, AppArmor, etc. To solve some of the tasks, you will also need to make use of third-party security tools such as Aquasec Trivy, Kubesec, CIS Benchmarks, and Falco from Sysdig open source. 6 | 7 | The interface of these challenges is divided into two parts: 8 | 9 | 1. The top half contains the Quiz portal where the details related to the challenge are displayed and an interactive Architecture diagram.
Click on the icons and the arrow connectors in the architecture diagram, and an associated task (if available) will be displayed on the quiz portal. 10 | 1. The bottom half of the interface contains the terminal to the Kubernetes control plane which you would use to complete the tasks.
You can click on the “Check” button to validate if a task is complete. If complete, the icons in the architecture diagram will be highlighted in green. If something is incomplete, it will be highlighted in red. 11 | 12 | 13 | To do CKS, we are tough, right? In the two hours for the exam there is a lot to get through including repetitive tasks like scanning multiple images with trivy. These solutions make use of various bash trickery and commands found on all Linux terminals like awk, sed and grep, that if you are comfortable with will save much time! 14 | 15 | - [01-Challenge-1](./01-challenge-1.md) 16 | - [02-Challenge-2](./02-challenge-2.md) 17 | - [03-Challenge-3](./03-challenge-3.md) 18 | - [04-Challenge-4](./04-challenge-4.md) 19 | 20 | -------------------------------------------------------------------------------- /images/4C.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/4C.png -------------------------------------------------------------------------------- /images/CVEScore.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/CVEScore.png -------------------------------------------------------------------------------- /images/Readme.md: -------------------------------------------------------------------------------- 1 | # Images 2 | -------------------------------------------------------------------------------- /images/V1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/V1.png -------------------------------------------------------------------------------- /images/abac.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/abac.PNG -------------------------------------------------------------------------------- /images/acc1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/acc1.PNG -------------------------------------------------------------------------------- /images/acc2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/acc2.PNG -------------------------------------------------------------------------------- /images/acc3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/acc3.PNG -------------------------------------------------------------------------------- /images/adm1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/adm1.png -------------------------------------------------------------------------------- /images/admissioncontroller1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/admissioncontroller1.png -------------------------------------------------------------------------------- /images/allowed.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/allowed.png -------------------------------------------------------------------------------- /images/allowedRules.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/allowedRules.png -------------------------------------------------------------------------------- /images/annotations.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/annotations.PNG -------------------------------------------------------------------------------- /images/api1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/api1.PNG -------------------------------------------------------------------------------- /images/api10.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/api10.PNG -------------------------------------------------------------------------------- /images/api2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/api2.PNG -------------------------------------------------------------------------------- /images/api3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/api3.PNG -------------------------------------------------------------------------------- /images/api4.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/api4.PNG -------------------------------------------------------------------------------- /images/api5.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/api5.PNG -------------------------------------------------------------------------------- /images/api6.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/api6.PNG -------------------------------------------------------------------------------- /images/api7.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/api7.PNG -------------------------------------------------------------------------------- /images/api8.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/api8.PNG -------------------------------------------------------------------------------- /images/api9.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/api9.PNG -------------------------------------------------------------------------------- /images/app.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/app.PNG -------------------------------------------------------------------------------- /images/apparmorProfiles.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/apparmorProfiles.png -------------------------------------------------------------------------------- /images/apparmorprofileBash.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/apparmorprofileBash.png -------------------------------------------------------------------------------- /images/args.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/args.PNG -------------------------------------------------------------------------------- /images/at1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/at1.PNG -------------------------------------------------------------------------------- /images/auth1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/auth1.PNG -------------------------------------------------------------------------------- /images/auth2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/auth2.PNG -------------------------------------------------------------------------------- /images/auth3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/auth3.PNG -------------------------------------------------------------------------------- /images/auth4.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/auth4.PNG -------------------------------------------------------------------------------- /images/auth5.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/auth5.PNG -------------------------------------------------------------------------------- /images/auth6.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/auth6.PNG -------------------------------------------------------------------------------- /images/bash.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/bash.PNG -------------------------------------------------------------------------------- /images/bc.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/bc.PNG -------------------------------------------------------------------------------- /images/be.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/be.PNG -------------------------------------------------------------------------------- /images/be1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/be1.PNG -------------------------------------------------------------------------------- /images/brc.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/brc.PNG -------------------------------------------------------------------------------- /images/ca.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ca.PNG -------------------------------------------------------------------------------- /images/ca1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ca1.PNG -------------------------------------------------------------------------------- /images/ca2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ca2.PNG -------------------------------------------------------------------------------- /images/cap.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cap.PNG -------------------------------------------------------------------------------- /images/cert.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cert.PNG -------------------------------------------------------------------------------- /images/cert1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cert1.PNG -------------------------------------------------------------------------------- /images/cert10.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cert10.PNG -------------------------------------------------------------------------------- /images/cert11.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cert11.PNG -------------------------------------------------------------------------------- /images/cert2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cert2.PNG -------------------------------------------------------------------------------- /images/cert3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cert3.PNG -------------------------------------------------------------------------------- /images/cert4.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cert4.PNG -------------------------------------------------------------------------------- /images/cert5.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cert5.PNG -------------------------------------------------------------------------------- /images/cert6.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cert6.PNG -------------------------------------------------------------------------------- /images/cert7.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cert7.PNG -------------------------------------------------------------------------------- /images/cert8.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cert8.PNG -------------------------------------------------------------------------------- /images/cert9.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cert9.PNG -------------------------------------------------------------------------------- /images/certs.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/certs.PNG -------------------------------------------------------------------------------- /images/challenge-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/challenge-1.png -------------------------------------------------------------------------------- /images/challenge-2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/challenge-2.png -------------------------------------------------------------------------------- /images/challenge-3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/challenge-3.png -------------------------------------------------------------------------------- /images/challenge-4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/challenge-4.png -------------------------------------------------------------------------------- /images/class1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/class1.PNG -------------------------------------------------------------------------------- /images/class10.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/class10.PNG -------------------------------------------------------------------------------- /images/class11.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/class11.PNG -------------------------------------------------------------------------------- /images/class12.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/class12.PNG -------------------------------------------------------------------------------- /images/class13.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/class13.PNG -------------------------------------------------------------------------------- /images/class14.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/class14.PNG -------------------------------------------------------------------------------- /images/class15.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/class15.PNG -------------------------------------------------------------------------------- /images/class16.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/class16.PNG -------------------------------------------------------------------------------- /images/class17.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/class17.PNG -------------------------------------------------------------------------------- /images/class18.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/class18.PNG -------------------------------------------------------------------------------- /images/class19.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/class19.PNG -------------------------------------------------------------------------------- /images/class2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/class2.PNG -------------------------------------------------------------------------------- /images/class20.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/class20.PNG -------------------------------------------------------------------------------- /images/class3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/class3.PNG -------------------------------------------------------------------------------- /images/class4.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/class4.PNG -------------------------------------------------------------------------------- /images/class5.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/class5.PNG -------------------------------------------------------------------------------- /images/class6.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/class6.PNG -------------------------------------------------------------------------------- /images/class7.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/class7.PNG -------------------------------------------------------------------------------- /images/class8.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/class8.PNG -------------------------------------------------------------------------------- /images/class9.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/class9.PNG -------------------------------------------------------------------------------- /images/cmd.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cmd.PNG -------------------------------------------------------------------------------- /images/cmd1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cmd1.PNG -------------------------------------------------------------------------------- /images/cmi.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cmi.PNG -------------------------------------------------------------------------------- /images/cmp.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cmp.PNG -------------------------------------------------------------------------------- /images/cmp1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cmp1.PNG -------------------------------------------------------------------------------- /images/cms.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cms.PNG -------------------------------------------------------------------------------- /images/cmv.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cmv.PNG -------------------------------------------------------------------------------- /images/controlPlaneConfiguration.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/controlPlaneConfiguration.png -------------------------------------------------------------------------------- /images/courseObjective.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/courseObjective.png -------------------------------------------------------------------------------- /images/cp.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cp.PNG -------------------------------------------------------------------------------- /images/cp1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cp1.PNG -------------------------------------------------------------------------------- /images/cr1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cr1.PNG -------------------------------------------------------------------------------- /images/crt1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/crt1.PNG -------------------------------------------------------------------------------- /images/crt2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/crt2.PNG -------------------------------------------------------------------------------- /images/crt3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/crt3.PNG -------------------------------------------------------------------------------- /images/crt4.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/crt4.PNG -------------------------------------------------------------------------------- /images/cs.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cs.png -------------------------------------------------------------------------------- /images/cs1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cs1.PNG -------------------------------------------------------------------------------- /images/cs2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/cs2.PNG -------------------------------------------------------------------------------- /images/csd.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/csd.PNG -------------------------------------------------------------------------------- /images/csec.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/csec.PNG -------------------------------------------------------------------------------- /images/csi.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/csi.PNG -------------------------------------------------------------------------------- /images/csr.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/csr.PNG -------------------------------------------------------------------------------- /images/csr1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/csr1.PNG -------------------------------------------------------------------------------- /images/csr2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/csr2.PNG -------------------------------------------------------------------------------- /images/csr3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/csr3.PNG -------------------------------------------------------------------------------- /images/csr4.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/csr4.PNG -------------------------------------------------------------------------------- /images/das.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/das.PNG -------------------------------------------------------------------------------- /images/dask.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/dask.PNG -------------------------------------------------------------------------------- /images/db.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/db.PNG -------------------------------------------------------------------------------- /images/dc.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/dc.PNG -------------------------------------------------------------------------------- /images/delete.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/delete.png -------------------------------------------------------------------------------- /images/deployment.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/deployment.PNG -------------------------------------------------------------------------------- /images/deployment1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/deployment1.PNG -------------------------------------------------------------------------------- /images/deployment2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/deployment2.PNG -------------------------------------------------------------------------------- /images/docker-runtime.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/docker-runtime.png -------------------------------------------------------------------------------- /images/docker-runtime1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/docker-runtime1.png -------------------------------------------------------------------------------- /images/dockerDaemon1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/dockerDaemon1.png -------------------------------------------------------------------------------- /images/dockerSVC.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/dockerSVC.png -------------------------------------------------------------------------------- /images/dockerSecure.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/dockerSecure.png -------------------------------------------------------------------------------- /images/dockerUserAccount.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/dockerUserAccount.png -------------------------------------------------------------------------------- /images/dp.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/dp.PNG -------------------------------------------------------------------------------- /images/drain.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/drain.PNG -------------------------------------------------------------------------------- /images/ds-uc-kp.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ds-uc-kp.PNG -------------------------------------------------------------------------------- /images/ds-uc.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ds-uc.PNG -------------------------------------------------------------------------------- /images/ds-ucn.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ds-ucn.PNG -------------------------------------------------------------------------------- /images/ds.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ds.PNG -------------------------------------------------------------------------------- /images/ds1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ds1.PNG -------------------------------------------------------------------------------- /images/ds2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ds2.PNG -------------------------------------------------------------------------------- /images/dsd.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/dsd.PNG -------------------------------------------------------------------------------- /images/dst.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/dst.PNG -------------------------------------------------------------------------------- /images/el.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/el.PNG -------------------------------------------------------------------------------- /images/enc.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/enc.PNG -------------------------------------------------------------------------------- /images/entry.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/entry.PNG -------------------------------------------------------------------------------- /images/entry1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/entry1.PNG -------------------------------------------------------------------------------- /images/env.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/env.PNG -------------------------------------------------------------------------------- /images/er.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/er.PNG -------------------------------------------------------------------------------- /images/erest.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/erest.PNG -------------------------------------------------------------------------------- /images/etc1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/etc1.PNG -------------------------------------------------------------------------------- /images/etc2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/etc2.PNG -------------------------------------------------------------------------------- /images/etcd-ha.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/etcd-ha.PNG -------------------------------------------------------------------------------- /images/etcd.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/etcd.PNG -------------------------------------------------------------------------------- /images/etcd1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/etcd1.PNG -------------------------------------------------------------------------------- /images/etcdNodeConfiguration.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/etcdNodeConfiguration.png -------------------------------------------------------------------------------- /images/etcdctl.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/etcdctl.PNG -------------------------------------------------------------------------------- /images/etcdctl1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/etcdctl1.PNG -------------------------------------------------------------------------------- /images/ex.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ex.PNG -------------------------------------------------------------------------------- /images/examInfo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/examInfo.png -------------------------------------------------------------------------------- /images/falco1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/falco1.png -------------------------------------------------------------------------------- /images/falco2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/falco2.png -------------------------------------------------------------------------------- /images/falcoRules.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/falcoRules.png -------------------------------------------------------------------------------- /images/falcoconfig00.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/falcoconfig00.png -------------------------------------------------------------------------------- /images/falcoconfig01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/falcoconfig01.png -------------------------------------------------------------------------------- /images/fwRules.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/fwRules.png -------------------------------------------------------------------------------- /images/gadvisor.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/gadvisor.png -------------------------------------------------------------------------------- /images/gvisor-k8s.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/gvisor-k8s.png -------------------------------------------------------------------------------- /images/hpms.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/hpms.PNG -------------------------------------------------------------------------------- /images/hrd.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/hrd.PNG -------------------------------------------------------------------------------- /images/hrd1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/hrd1.PNG -------------------------------------------------------------------------------- /images/hrd2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/hrd2.PNG -------------------------------------------------------------------------------- /images/hrd3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/hrd3.PNG -------------------------------------------------------------------------------- /images/hrd4.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/hrd4.PNG -------------------------------------------------------------------------------- /images/hrd5.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/hrd5.PNG -------------------------------------------------------------------------------- /images/hrd6.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/hrd6.PNG -------------------------------------------------------------------------------- /images/img1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/img1.PNG -------------------------------------------------------------------------------- /images/img2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/img2.PNG -------------------------------------------------------------------------------- /images/immutable20.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/immutable20.png -------------------------------------------------------------------------------- /images/ing1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ing1.PNG -------------------------------------------------------------------------------- /images/ing2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ing2.PNG -------------------------------------------------------------------------------- /images/jnode.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/jnode.PNG -------------------------------------------------------------------------------- /images/jpod.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/jpod.PNG -------------------------------------------------------------------------------- /images/k8s-arch.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/k8s-arch.PNG -------------------------------------------------------------------------------- /images/k8s-arch1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/k8s-arch1.PNG -------------------------------------------------------------------------------- /images/k8sDashboard.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/k8sDashboard.png -------------------------------------------------------------------------------- /images/k8sNP.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/k8sNP.png -------------------------------------------------------------------------------- /images/k8sRelease.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/k8sRelease.png -------------------------------------------------------------------------------- /images/k8sSSH.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/k8sSSH.png -------------------------------------------------------------------------------- /images/k8sauth.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/k8sauth.png -------------------------------------------------------------------------------- /images/ka.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ka.PNG -------------------------------------------------------------------------------- /images/kata1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kata1.png -------------------------------------------------------------------------------- /images/kc1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kc1.PNG -------------------------------------------------------------------------------- /images/kc10.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kc10.PNG -------------------------------------------------------------------------------- /images/kc11.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kc11.PNG -------------------------------------------------------------------------------- /images/kc12.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kc12.PNG -------------------------------------------------------------------------------- /images/kc2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kc2.PNG -------------------------------------------------------------------------------- /images/kc3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kc3.PNG -------------------------------------------------------------------------------- /images/kc4.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kc4.PNG -------------------------------------------------------------------------------- /images/kc5.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kc5.PNG -------------------------------------------------------------------------------- /images/kc6.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kc6.PNG -------------------------------------------------------------------------------- /images/kc7.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kc7.PNG -------------------------------------------------------------------------------- /images/kc8.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kc8.PNG -------------------------------------------------------------------------------- /images/kc9.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kc9.PNG -------------------------------------------------------------------------------- /images/kctl1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kctl1.PNG -------------------------------------------------------------------------------- /images/kctl2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kctl2.PNG -------------------------------------------------------------------------------- /images/kernel.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kernel.png -------------------------------------------------------------------------------- /images/kernelTouch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kernelTouch.png -------------------------------------------------------------------------------- /images/key-value.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/key-value.PNG -------------------------------------------------------------------------------- /images/key-value1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/key-value1.PNG -------------------------------------------------------------------------------- /images/key-value2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/key-value2.PNG -------------------------------------------------------------------------------- /images/key-value3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/key-value3.PNG -------------------------------------------------------------------------------- /images/kgn.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kgn.PNG -------------------------------------------------------------------------------- /images/kp.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kp.PNG -------------------------------------------------------------------------------- /images/ks.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ks.PNG -------------------------------------------------------------------------------- /images/ksec.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ksec.PNG -------------------------------------------------------------------------------- /images/kube-apiserver.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kube-apiserver.PNG -------------------------------------------------------------------------------- /images/kube-apiserver1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kube-apiserver1.PNG -------------------------------------------------------------------------------- /images/kube-apiserver2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kube-apiserver2.PNG -------------------------------------------------------------------------------- /images/kube-apiserver3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kube-apiserver3.PNG -------------------------------------------------------------------------------- /images/kube-apiserver4.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kube-apiserver4.PNG -------------------------------------------------------------------------------- /images/kube-controller-manager.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kube-controller-manager.PNG -------------------------------------------------------------------------------- /images/kube-controller-manager0.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kube-controller-manager0.PNG -------------------------------------------------------------------------------- /images/kube-controller-manager1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kube-controller-manager1.PNG -------------------------------------------------------------------------------- /images/kube-controller-manager2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kube-controller-manager2.PNG -------------------------------------------------------------------------------- /images/kube-controller-manager3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kube-controller-manager3.PNG -------------------------------------------------------------------------------- /images/kube-proxy.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kube-proxy.PNG -------------------------------------------------------------------------------- /images/kube-proxy1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kube-proxy1.PNG -------------------------------------------------------------------------------- /images/kube-proxy2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kube-proxy2.PNG -------------------------------------------------------------------------------- /images/kube-scheduler1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kube-scheduler1.PNG -------------------------------------------------------------------------------- /images/kube-scheduler2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kube-scheduler2.PNG -------------------------------------------------------------------------------- /images/kube-scheduler3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kube-scheduler3.PNG -------------------------------------------------------------------------------- /images/kube-scheduler4.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kube-scheduler4.PNG -------------------------------------------------------------------------------- /images/kube-scheduler5.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kube-scheduler5.PNG -------------------------------------------------------------------------------- /images/kube1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kube1.png -------------------------------------------------------------------------------- /images/kubectl.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kubectl.PNG -------------------------------------------------------------------------------- /images/kubelet.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kubelet.PNG -------------------------------------------------------------------------------- /images/kubelet.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kubelet.png -------------------------------------------------------------------------------- /images/kubelet1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kubelet1.PNG -------------------------------------------------------------------------------- /images/kubelet2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kubelet2.PNG -------------------------------------------------------------------------------- /images/kubeletConfig.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kubeletConfig.png -------------------------------------------------------------------------------- /images/kubeu.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kubeu.PNG -------------------------------------------------------------------------------- /images/kubeu1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kubeu1.PNG -------------------------------------------------------------------------------- /images/kubeu2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kubeu2.PNG -------------------------------------------------------------------------------- /images/kubeu3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kubeu3.PNG -------------------------------------------------------------------------------- /images/kublet.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/kublet.PNG -------------------------------------------------------------------------------- /images/la.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/la.PNG -------------------------------------------------------------------------------- /images/labels-ckc.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/labels-ckc.PNG -------------------------------------------------------------------------------- /images/labels.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/labels.PNG -------------------------------------------------------------------------------- /images/lables-animals.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/lables-animals.PNG -------------------------------------------------------------------------------- /images/lc.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/lc.PNG -------------------------------------------------------------------------------- /images/lco.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/lco.PNG -------------------------------------------------------------------------------- /images/ld.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ld.PNG -------------------------------------------------------------------------------- /images/ld1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ld1.PNG -------------------------------------------------------------------------------- /images/leastPrivileges.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/leastPrivileges.png -------------------------------------------------------------------------------- /images/lf.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/lf.PNG -------------------------------------------------------------------------------- /images/lg.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/lg.PNG -------------------------------------------------------------------------------- /images/linkerd.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/linkerd.png -------------------------------------------------------------------------------- /images/linuxCap.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/linuxCap.png -------------------------------------------------------------------------------- /images/linuxcapK8s.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/linuxcapK8s.png -------------------------------------------------------------------------------- /images/linuxcapk8s1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/linuxcapk8s1.png -------------------------------------------------------------------------------- /images/lk.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/lk.PNG -------------------------------------------------------------------------------- /images/ln.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ln.PNG -------------------------------------------------------------------------------- /images/loga.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/loga.PNG -------------------------------------------------------------------------------- /images/logs-k8s.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/logs-k8s.png -------------------------------------------------------------------------------- /images/logs.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/logs.PNG -------------------------------------------------------------------------------- /images/logs1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/logs1.PNG -------------------------------------------------------------------------------- /images/loop.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/loop.PNG -------------------------------------------------------------------------------- /images/lpod.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/lpod.PNG -------------------------------------------------------------------------------- /images/lrs.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/lrs.PNG -------------------------------------------------------------------------------- /images/lrs1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/lrs1.PNG -------------------------------------------------------------------------------- /images/ls.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ls.PNG -------------------------------------------------------------------------------- /images/lse.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/lse.PNG -------------------------------------------------------------------------------- /images/lstio1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/lstio1.png -------------------------------------------------------------------------------- /images/lstio22.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/lstio22.png -------------------------------------------------------------------------------- /images/lstio3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/lstio3.png -------------------------------------------------------------------------------- /images/lt.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/lt.PNG -------------------------------------------------------------------------------- /images/mcp.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/mcp.PNG -------------------------------------------------------------------------------- /images/mcpc.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/mcpc.PNG -------------------------------------------------------------------------------- /images/mem.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/mem.PNG -------------------------------------------------------------------------------- /images/mmp.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/mmp.PNG -------------------------------------------------------------------------------- /images/mode.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/mode.PNG -------------------------------------------------------------------------------- /images/mode1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/mode1.PNG -------------------------------------------------------------------------------- /images/mon.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/mon.PNG -------------------------------------------------------------------------------- /images/ms.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ms.PNG -------------------------------------------------------------------------------- /images/ms1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ms1.PNG -------------------------------------------------------------------------------- /images/msg.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/msg.PNG -------------------------------------------------------------------------------- /images/na.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/na.PNG -------------------------------------------------------------------------------- /images/na1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/na1.PNG -------------------------------------------------------------------------------- /images/na2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/na2.PNG -------------------------------------------------------------------------------- /images/namespace.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/namespace.PNG -------------------------------------------------------------------------------- /images/namespace1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/namespace1.PNG -------------------------------------------------------------------------------- /images/nat.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/nat.PNG -------------------------------------------------------------------------------- /images/nats.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/nats.PNG -------------------------------------------------------------------------------- /images/nats1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/nats1.PNG -------------------------------------------------------------------------------- /images/net1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/net1.PNG -------------------------------------------------------------------------------- /images/net10.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/net10.PNG -------------------------------------------------------------------------------- /images/net11.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/net11.PNG -------------------------------------------------------------------------------- /images/net12.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/net12.PNG -------------------------------------------------------------------------------- /images/net13.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/net13.PNG -------------------------------------------------------------------------------- /images/net14.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/net14.PNG -------------------------------------------------------------------------------- /images/net15.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/net15.PNG -------------------------------------------------------------------------------- /images/net2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/net2.PNG -------------------------------------------------------------------------------- /images/net3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/net3.PNG -------------------------------------------------------------------------------- /images/net4.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/net4.PNG -------------------------------------------------------------------------------- /images/net5.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/net5.PNG -------------------------------------------------------------------------------- /images/net6.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/net6.PNG -------------------------------------------------------------------------------- /images/net7.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/net7.PNG -------------------------------------------------------------------------------- /images/net8.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/net8.PNG -------------------------------------------------------------------------------- /images/net9.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/net9.PNG -------------------------------------------------------------------------------- /images/netstat.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/netstat.png -------------------------------------------------------------------------------- /images/node-auth.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/node-auth.png -------------------------------------------------------------------------------- /images/node-controller.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/node-controller.PNG -------------------------------------------------------------------------------- /images/node.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/node.PNG -------------------------------------------------------------------------------- /images/note.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/note.PNG -------------------------------------------------------------------------------- /images/note1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/note1.PNG -------------------------------------------------------------------------------- /images/np.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/np.PNG -------------------------------------------------------------------------------- /images/npol.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/npol.PNG -------------------------------------------------------------------------------- /images/npol1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/npol1.PNG -------------------------------------------------------------------------------- /images/npol2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/npol2.PNG -------------------------------------------------------------------------------- /images/npol3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/npol3.PNG -------------------------------------------------------------------------------- /images/npol4.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/npol4.PNG -------------------------------------------------------------------------------- /images/npolsec.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/npolsec.PNG -------------------------------------------------------------------------------- /images/ns-old.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ns-old.PNG -------------------------------------------------------------------------------- /images/ns.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ns.PNG -------------------------------------------------------------------------------- /images/ns1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ns1.PNG -------------------------------------------------------------------------------- /images/ns10.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ns10.PNG -------------------------------------------------------------------------------- /images/ns11.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ns11.PNG -------------------------------------------------------------------------------- /images/ns12.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ns12.PNG -------------------------------------------------------------------------------- /images/ns13.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ns13.PNG -------------------------------------------------------------------------------- /images/ns2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ns2.PNG -------------------------------------------------------------------------------- /images/ns3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ns3.PNG -------------------------------------------------------------------------------- /images/ns4.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ns4.PNG -------------------------------------------------------------------------------- /images/ns5.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ns5.PNG -------------------------------------------------------------------------------- /images/ns6.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ns6.PNG -------------------------------------------------------------------------------- /images/ns7.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ns7.PNG -------------------------------------------------------------------------------- /images/ns8.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ns8.PNG -------------------------------------------------------------------------------- /images/ns9.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ns9.PNG -------------------------------------------------------------------------------- /images/nsec.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/nsec.PNG -------------------------------------------------------------------------------- /images/nsel.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/nsel.PNG -------------------------------------------------------------------------------- /images/nsel1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/nsel1.PNG -------------------------------------------------------------------------------- /images/nsl.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/nsl.PNG -------------------------------------------------------------------------------- /images/opt.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/opt.PNG -------------------------------------------------------------------------------- /images/os.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/os.PNG -------------------------------------------------------------------------------- /images/other-controllers.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/other-controllers.PNG -------------------------------------------------------------------------------- /images/parent.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/parent.png -------------------------------------------------------------------------------- /images/pki.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/pki.PNG -------------------------------------------------------------------------------- /images/pod.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/pod.PNG -------------------------------------------------------------------------------- /images/pod1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/pod1.PNG -------------------------------------------------------------------------------- /images/pod2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/pod2.PNG -------------------------------------------------------------------------------- /images/pod3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/pod3.PNG -------------------------------------------------------------------------------- /images/pod4.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/pod4.PNG -------------------------------------------------------------------------------- /images/post.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/post.PNG -------------------------------------------------------------------------------- /images/priv1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/priv1.png -------------------------------------------------------------------------------- /images/privateReg.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/privateReg.png -------------------------------------------------------------------------------- /images/prvr.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/prvr.PNG -------------------------------------------------------------------------------- /images/prvr1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/prvr1.PNG -------------------------------------------------------------------------------- /images/r1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/r1.PNG -------------------------------------------------------------------------------- /images/r2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/r2.PNG -------------------------------------------------------------------------------- /images/r3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/r3.PNG -------------------------------------------------------------------------------- /images/r4.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/r4.PNG -------------------------------------------------------------------------------- /images/rb.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rb.PNG -------------------------------------------------------------------------------- /images/rbac.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rbac.PNG -------------------------------------------------------------------------------- /images/rbac1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rbac1.PNG -------------------------------------------------------------------------------- /images/rbac2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rbac2.PNG -------------------------------------------------------------------------------- /images/rbac3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rbac3.PNG -------------------------------------------------------------------------------- /images/rbac4.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rbac4.PNG -------------------------------------------------------------------------------- /images/rbac5.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rbac5.PNG -------------------------------------------------------------------------------- /images/rc.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rc.PNG -------------------------------------------------------------------------------- /images/rc1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rc1.PNG -------------------------------------------------------------------------------- /images/rc2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rc2.PNG -------------------------------------------------------------------------------- /images/rc3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rc3.PNG -------------------------------------------------------------------------------- /images/rcd.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rcd.PNG -------------------------------------------------------------------------------- /images/rcd1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rcd1.PNG -------------------------------------------------------------------------------- /images/rci.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rci.PNG -------------------------------------------------------------------------------- /images/rcrl.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rcrl.PNG -------------------------------------------------------------------------------- /images/ref.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/ref.PNG -------------------------------------------------------------------------------- /images/relational-dbs.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/relational-dbs.PNG -------------------------------------------------------------------------------- /images/removepackage.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/removepackage.png -------------------------------------------------------------------------------- /images/replication-controller.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/replication-controller.PNG -------------------------------------------------------------------------------- /images/requiredPorts.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/requiredPorts.png -------------------------------------------------------------------------------- /images/restrictKernel.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/restrictKernel.png -------------------------------------------------------------------------------- /images/restrictNetwork.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/restrictNetwork.png -------------------------------------------------------------------------------- /images/rl.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rl.PNG -------------------------------------------------------------------------------- /images/roles.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/roles.PNG -------------------------------------------------------------------------------- /images/rollc.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rollc.PNG -------------------------------------------------------------------------------- /images/rollv.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rollv.PNG -------------------------------------------------------------------------------- /images/rr-pod.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rr-pod.PNG -------------------------------------------------------------------------------- /images/rr.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rr.PNG -------------------------------------------------------------------------------- /images/rs.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rs.PNG -------------------------------------------------------------------------------- /images/rs1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rs1.PNG -------------------------------------------------------------------------------- /images/rs2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rs2.PNG -------------------------------------------------------------------------------- /images/rsc.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rsc.PNG -------------------------------------------------------------------------------- /images/rsl.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rsl.PNG -------------------------------------------------------------------------------- /images/rsl1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rsl1.PNG -------------------------------------------------------------------------------- /images/rsm.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/rsm.PNG -------------------------------------------------------------------------------- /images/sc1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/sc1.png -------------------------------------------------------------------------------- /images/sc2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/sc2.PNG -------------------------------------------------------------------------------- /images/sc3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/sc3.PNG -------------------------------------------------------------------------------- /images/sec.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/sec.PNG -------------------------------------------------------------------------------- /images/seccompFilters.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/seccompFilters.png -------------------------------------------------------------------------------- /images/seccompModes.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/seccompModes.png -------------------------------------------------------------------------------- /images/seccompdocker.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/seccompdocker.png -------------------------------------------------------------------------------- /images/seccompk8s.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/seccompk8s.png -------------------------------------------------------------------------------- /images/seccompk8sPod.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/seccompk8sPod.png -------------------------------------------------------------------------------- /images/secd.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/secd.PNG -------------------------------------------------------------------------------- /images/sech.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/sech.PNG -------------------------------------------------------------------------------- /images/seck.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/seck.PNG -------------------------------------------------------------------------------- /images/seco.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/seco.PNG -------------------------------------------------------------------------------- /images/secp.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/secp.PNG -------------------------------------------------------------------------------- /images/secpv.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/secpv.PNG -------------------------------------------------------------------------------- /images/section4Intro.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/section4Intro.png -------------------------------------------------------------------------------- /images/section5Intro.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/section5Intro.png -------------------------------------------------------------------------------- /images/section6Intro.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/section6Intro.png -------------------------------------------------------------------------------- /images/section7Intro.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/section7Intro.png -------------------------------------------------------------------------------- /images/secv.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/secv.PNG -------------------------------------------------------------------------------- /images/simpleBashScript.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/simpleBashScript.png -------------------------------------------------------------------------------- /images/sl.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/sl.PNG -------------------------------------------------------------------------------- /images/sleep.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/sleep.PNG -------------------------------------------------------------------------------- /images/sleep1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/sleep1.PNG -------------------------------------------------------------------------------- /images/sleep2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/sleep2.PNG -------------------------------------------------------------------------------- /images/sort.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/sort.PNG -------------------------------------------------------------------------------- /images/sp.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/sp.PNG -------------------------------------------------------------------------------- /images/sp1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/sp1.PNG -------------------------------------------------------------------------------- /images/sp2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/sp2.PNG -------------------------------------------------------------------------------- /images/sp3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/sp3.PNG -------------------------------------------------------------------------------- /images/sp4.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/sp4.PNG -------------------------------------------------------------------------------- /images/sp5.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/sp5.PNG -------------------------------------------------------------------------------- /images/spvsds.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/spvsds.PNG -------------------------------------------------------------------------------- /images/srv-types.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/srv-types.PNG -------------------------------------------------------------------------------- /images/srv1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/srv1.PNG -------------------------------------------------------------------------------- /images/srv2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/srv2.PNG -------------------------------------------------------------------------------- /images/srv3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/srv3.PNG -------------------------------------------------------------------------------- /images/srv4.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/srv4.PNG -------------------------------------------------------------------------------- /images/srvc1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/srvc1.PNG -------------------------------------------------------------------------------- /images/srvc2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/srvc2.PNG -------------------------------------------------------------------------------- /images/srvc3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/srvc3.PNG -------------------------------------------------------------------------------- /images/srvnp.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/srvnp.PNG -------------------------------------------------------------------------------- /images/srvnp1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/srvnp1.PNG -------------------------------------------------------------------------------- /images/srvnp2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/srvnp2.PNG -------------------------------------------------------------------------------- /images/srvnp3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/srvnp3.PNG -------------------------------------------------------------------------------- /images/srvnp4.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/srvnp4.PNG -------------------------------------------------------------------------------- /images/sshHarderning.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/sshHarderning.png -------------------------------------------------------------------------------- /images/stg1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/stg1.PNG -------------------------------------------------------------------------------- /images/stg2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/stg2.PNG -------------------------------------------------------------------------------- /images/stg3.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/stg3.PNG -------------------------------------------------------------------------------- /images/sudo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/sudo.png -------------------------------------------------------------------------------- /images/sum.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/sum.PNG -------------------------------------------------------------------------------- /images/svc.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/svc.PNG -------------------------------------------------------------------------------- /images/sxc1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/sxc1.PNG -------------------------------------------------------------------------------- /images/sxc2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/sxc2.PNG -------------------------------------------------------------------------------- /images/tandt.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/tandt.PNG -------------------------------------------------------------------------------- /images/tls.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/tls.PNG -------------------------------------------------------------------------------- /images/tls1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/tls1.PNG -------------------------------------------------------------------------------- /images/tn-na.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/tn-na.PNG -------------------------------------------------------------------------------- /images/tn-ns.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/tn-ns.PNG -------------------------------------------------------------------------------- /images/tn-nsa.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/tn-nsa.png -------------------------------------------------------------------------------- /images/tn.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/tn.PNG -------------------------------------------------------------------------------- /images/tntm.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/tntm.PNG -------------------------------------------------------------------------------- /images/tp.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/tp.PNG -------------------------------------------------------------------------------- /images/trace.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/trace.png -------------------------------------------------------------------------------- /images/tracee.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/tracee.png -------------------------------------------------------------------------------- /images/traffic.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/traffic.PNG -------------------------------------------------------------------------------- /images/trivy-nginx.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/trivy-nginx.png -------------------------------------------------------------------------------- /images/up.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/up.PNG -------------------------------------------------------------------------------- /images/up1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/up1.PNG -------------------------------------------------------------------------------- /images/up2.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/up2.PNG -------------------------------------------------------------------------------- /images/view.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/view.PNG -------------------------------------------------------------------------------- /images/vm1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/vm1.png -------------------------------------------------------------------------------- /images/web.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/web.PNG -------------------------------------------------------------------------------- /images/web1.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/web1.PNG -------------------------------------------------------------------------------- /images/webhook.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/webhook.PNG -------------------------------------------------------------------------------- /images/wrk.PNG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kodekloudhub/certified-kubernetes-security-specialist-cks-course/681abaacb869f3fbc8ac90c863c3839da1fa2ea8/images/wrk.PNG -------------------------------------------------------------------------------- /temp.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "op": "remove", 4 | "path": "/spec/template/spec/containers/0/env" 5 | }, 6 | { 7 | "op": "add", 8 | "path": "/spec/template/spec/containers/0/env", 9 | "value": [ 10 | { 11 | "name": "DB_User", 12 | "valueFrom": { 13 | "secretKeyRef": { 14 | "key": "DB_User", 15 | "name": "prod-db" 16 | } 17 | } 18 | }, 19 | { 20 | "name": "DB_Host", 21 | "valueFrom": { 22 | "secretKeyRef": { 23 | "key": "DB_Host", 24 | "name": "prod-db" 25 | } 26 | } 27 | }, 28 | { 29 | "name": "DB_Password", 30 | "valueFrom": { 31 | "secretKeyRef": { 32 | "key": "DB_Password", 33 | "name": "prod-db" 34 | } 35 | } 36 | } 37 | ] 38 | ] --------------------------------------------------------------------------------