Summary
In this chapter, we discussed the importance of security boundaries. Understanding the security domains and security boundaries within the Kubernetes ecosystem helps administrators understand the blast radius of an attack and have mitigation strategies in place to limit the damage caused in the event of an attack.
Knowing Kubernetes entities is the starting point of fortifying security boundaries. Knowing the security boundaries built into the system layer with Linux namespaces and capabilities is the next step. Finally, understanding the power of network policies is also critical to building security segmentation into microservices.
Having read this chapter, you should have a clear understanding of the concept of the security domain and security boundaries. You should also grasp the security domains, common entities in Kubernetes, as well as the security boundaries built within or around Kubernetes entities. You also learned about the importance of using built-in...
