Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CNCF [Cloud Native Computing Foundation]

Best Practices for Calico Security Policy Implementation in Kubernetes

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Explore best practices for implementing Calico security policies in Kubernetes environments in this 47-minute conference talk. Learn about the Kubernetes networking model, security challenges, and workload identity. Discover Calico security policy features, anatomy, and behavior. Gain insights into effective implementation strategies and examine various security policy patterns, including denylists, kube-dns, and tenant restrictions. Understand how to enforce default-deny policies for tenants and implement security policy governance. Explore Calico documentation and learn about Calico Enterprise and Calico Cloud offerings to enhance your Kubernetes security posture.

Syllabus

Intro
Kubernetes Networking Model
Security Challenges with Kubernetes
Workload Identity, Networking and Security
Security Policy Characteristics
Calico Security Policy Features
Anatomy of a Calico Security Policy
Security Policy Behavior
Best Practices for Security Policy Implementation
Example Security Policy Patterns
Security Policy - denylist
Security Policy - kube-dns
Security Policy - tenant-1-restrict
Security Policy - checkoutservice
Security Policy - yaobank
Security Policy - bookinfo
Enforce Default-Deny for Tenants
Security Policy Governance
Calico Documentation
Calico Enterprise and Calico Cloud

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of Best Practices for Calico Security Policy Implementation in Kubernetes

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.