
Applying a Zero Trust Infrastructure in Kubernetes

Originally published by New Context.

For most businesses today, there is no greater concern than the cloud security risks that may threaten your operations and resources. There are many reasons and advantages to making a digital transformation; however, the biggest threat is neglecting to devise a plan or strategy to guard against cloud security vulnerabilities for your deployment. One of the best ways to accomplish this is to eliminate trust from your network or implement a zero trust strategy. In this article, we define the zero trust infrastructure and then explain its utilization for Kubernetes deployment and/or services.

What is a Zero Trust Infrastructure?

A famous phrase attributed to President Ronald Reagan that he is reported to have used many times during meetings with his Soviet counterpart Mikhail Gorbachev is ”doveryai, no proveryai.” In English, this term translates to “trust, but verify.” A more constrained interpretation—never trust, always verify—is the core concept from which John Kindervag devised the Zero Trust Model for cybersecurity. This model as implemented today is based on the pillars of verification, contextualization, security, and access control.

[Figure: the Zero Trust Model and its pillars. Image source: Centrify]

In a zero trust model like the figure above, nothing is trusted. No application, database, service, or infrastructure is trusted by default. Everything and everyone must be audited and verified. When one piece of inventory wants to speak with another, it communicates through a gateway (such as a server or network device) that authenticates the request according to access policy, grants only the least privilege needed, and routes the traffic through a specified VLAN. This approach, while seemingly burdensome, gives your cloud security an adaptability that automated compliance checks alone do not provide, and it has distinct advantages.

Zero Trust Advantages

Instituting the zero trust strategy can have the following advantages for your security posture:

  • Automatically disallow suspicious activity
  • Limit access by providing Just-In-Time (JIT) and least privilege
  • Detect attacks and anomalies
  • Check and manage version accessibility

Gaining these advantages requires that you incorporate the principle of least privilege (PoLP) when providing access to resources. Specifically, this means that only the minimum access required to fulfill a function is available to users, programs, and processes.

Now, let’s take a look at how this adaptive security strategy can be applied to support the rapidly increasing usage of Kubernetes.

How to Apply Zero Trust to Kubernetes

Container-based cloud deployments are growing in production environment usage. This is due to their ease of use in deploying streamlined, secure infrastructure. Kubernetes is one of the management systems that is leading the way due to its flexibility, scalability, and automation. While this platform includes secrets management, it does not enforce a zero trust methodology on its own. Zero trust can be implemented with the following steps:

  1. Identify every resource
  2. Authenticate every request
  3. Provide just-in-time and least privilege to authenticated workloads
  4. Remove privilege once task is completed
  5. Consistently monitor, control, and audit

By instituting the requirements above for users, programs, and process requests for access to pods, you can strengthen your Kubernetes security posture and prevent attacks from internal and external threats. A simple means of leveraging the advantages of Kubernetes in a zero trust environment may be at hand using the workload authentication capabilities of the Secure Production Identity Framework for Everyone (SPIFFE). Additionally, Kubernetes has native tooling that can be used to add network monitoring and visibility, and to automate rule and policy creation.
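The following manifests are an added example, not part of the original article or of any Kubernetes project documentation. They map steps 1 through 4 above onto native Kubernetes objects: a dedicated ServiceAccount as the workload's identity, a Role that grants a single verb on a single named object, a projected token that expires after ten minutes, and NetworkPolicy objects that deny every connection unless an explicit rule allows it. The namespace `payments`, the workloads `checkout` and `frontend`, the ConfigMap `checkout-config`, and the container image are hypothetical names chosen for the illustration; the namespace is assumed to already exist.

```yaml
# Added example (not from the original article). All names are hypothetical.
---
# Step 1: identify every resource. One ServiceAccount per workload, so every
# API request carries a distinct, auditable identity.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: checkout
  namespace: payments
# No long-lived token is mounted automatically; the pod requests a bounded one.
automountServiceAccountToken: false
---
# Step 3: least privilege. The workload may "get" exactly one ConfigMap.
# No wildcards, no list/watch, nothing outside this namespace.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: checkout-config-reader
  namespace: payments
rules:
  - apiGroups: [""]
    resources: ["configmaps"]
    resourceNames: ["checkout-config"]
    verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: checkout-config-reader
  namespace: payments
subjects:
  - kind: ServiceAccount
    name: checkout
    namespace: payments
roleRef:
  kind: Role
  name: checkout-config-reader
  apiGroup: rbac.authorization.k8s.io
---
# Steps 3 and 4: just-in-time credentials. The projected token is scoped to
# one audience and expires after 600 seconds; the kubelet rotates it, and an
# expired token is rejected by the API server, so privilege lapses by itself.
apiVersion: v1
kind: Pod
metadata:
  name: checkout
  namespace: payments
  labels:
    app: checkout
spec:
  serviceAccountName: checkout
  automountServiceAccountToken: false
  containers:
    - name: checkout
      image: registry.example.com/checkout:1.0.0   # hypothetical image
      volumeMounts:
        - name: api-token
          mountPath: /var/run/secrets/tokens
          readOnly: true
  volumes:
    - name: api-token
      projected:
        sources:
          - serviceAccountToken:
              path: token
              expirationSeconds: 600
              audience: kubernetes
---
# Step 2: no connection is accepted or initiated unless a policy allows it.
# A policy with both types listed and no rules denies all ingress and egress.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-all
  namespace: payments
spec:
  podSelector: {}
  policyTypes: ["Ingress", "Egress"]
---
# Then allow exactly one caller on exactly one port.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-frontend-to-checkout
  namespace: payments
spec:
  podSelector:
    matchLabels:
      app: checkout
  policyTypes: ["Ingress"]
  ingress:
    - from:
        - podSelector:
            matchLabels:
              app: frontend
      ports:
        - protocol: TCP
          port: 8443
```

Two points to check before applying this in a real cluster. First, the default-deny policy also blocks egress to cluster DNS, so a workload that resolves names needs an explicit egress rule to the DNS service; leaving it out is the most common reason a freshly locked-down namespace stops working. Second, NetworkPolicy is only enforced when the cluster's network plugin implements it, so verify that with a test pod rather than assuming it. Step 5 (monitor, control, and audit) is covered by the API server's audit log, configured through its audit policy file, which records who used the `checkout` identity and which objects they touched; this is the native monitoring tooling the paragraph above refers to. If you adopt SPIFFE, the label-based caller identity in the last policy is replaced by the SPIFFE ID each workload presents, and authorization decisions can then be made on that cryptographically attested identity instead of on pod labels.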

Irrespective of how you implement a zero trust infrastructure in Kubernetes, it is recommended that you seek the expertise of a digital transformation security consultant to thoroughly guide the process.