DEVELOPMENT OF VERSIONING FEATURES ON KUBERNETES SECRETS
In the era of cloud computing, Kubernetes has emerged as the leading platform for automating the deployment, scaling and management of containerized applications. An important component of Kubernetes is Secrets, objects that store sensitive data such as passwords, private keys and TLS certificate...
Main Author: | Nuriman, Allief |
---|---|
Format: | Final Project |
Language: | Indonesia |
Online Access: | https://digilib.itb.ac.id/gdl/view/74105 |
Institution: | Institut Teknologi Bandung |
id |
id-itb.:74105 |
---|---|
spelling |
id-itb.:74105; 2023-06-26T12:49:54Z; DEVELOPMENT OF VERSIONING FEATURES ON KUBERNETES SECRETS; Nuriman, Allief; Indonesia; Final Project; kubernetes, secrets, versioning, secrets management, data security; INSTITUT TEKNOLOGI BANDUNG; https://digilib.itb.ac.id/gdl/view/74105; text |
institution |
Institut Teknologi Bandung |
building |
Institut Teknologi Bandung Library |
continent |
Asia |
country |
Indonesia |
content_provider |
Institut Teknologi Bandung |
collection |
Digital ITB |
language |
Indonesia |
description |
In the era of cloud computing, Kubernetes has emerged as the leading platform for
automating the deployment, scaling and management of containerized applications.
An important component of Kubernetes is Secrets, objects that store sensitive data
such as passwords, private keys and TLS certificates. However, managing these
Secrets, particularly in terms of versioning, poses significant challenges.
Versioning refers to the ability of Kubernetes Secrets to store multiple versions of
Secret values, increasing the flexibility and security of the system.
Several tools, including HashiCorp Vault and Google Secrets Manager, offer
solutions for Secret Management in Kubernetes. These tools support versioning
Secrets, enabling easy monitoring of changes. However, integrating these tools into
Kubernetes and ensuring safe and efficient versioning of Secrets is a complex
matter.
Through STRIDE and CIA threat identification techniques, potential threats to
versioning are identified and addressed. An additional Kubernetes resource and
controller is implemented using Python, along with libraries such as kopf and
kubernetes, to interact with the Kubernetes API. A CustomResourceDefinition
(CRD) is also defined to manage the NewSecret object in Kubernetes. The results
show that the Secrets Management system, coupled with the Kubernetes Secrets
versioning feature, contributes to improving data security in Kubernetes. |
format |
Final Project |
author |
Nuriman, Allief |
title |
DEVELOPMENT OF VERSIONING FEATURES ON KUBERNETES SECRETS |
url |
https://digilib.itb.ac.id/gdl/view/74105 |