Stop Leaking Kubernetes Service Information via DNS
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Discover how to enhance Kubernetes security by preventing the unintended exposure of service information through DNS. Learn about the default behavior of Kubernetes DNS specification and its potential security implications. Explore the use of CoreDNS as a solution to restrict DNS visibility, aligning it with role-based access control (RBAC) principles. Gain insights into the pros and cons of implementing such restrictions and understand when it may or may not be beneficial for your cluster's security posture. This 30-minute conference talk, presented by John Belamaric from Google and Yong Tang from Ivanti at a CNCF event, offers valuable knowledge for Kubernetes administrators and security-conscious professionals looking to tighten their cluster's information access controls.
Syllabus
Stop Leaking Kubernetes Service Information via DNS! - John Belamaric, Google & Yong Tang, Ivanti
Taught by
CNCF [Cloud Native Computing Foundation]