Abstract:
In a Kubernetes cluster, confidential data is stored as Secret resources. Such data includes database passwords and access tokens for managed services, and it is essential to prevent its exposure. The many approaches used to secure confidential data can be categorized into authentication and authorization. By encrypting the secrets, engineers can achieve authentication. Engineers define authorization when they define role-based access control (RBAC). Engineers who are concerned about their confidential data elect to use one of these two methods or a combination of both. These processes take a long time and require a sequence of steps and specialized knowledge, so there is a high chance of human misconfiguration. K8s Pro Sentinel fits into the middle of this process as an operator that extends the Kube API server to automate it. The MVP, K8s Pro Sentinel, can handle secrets at different security levels. The tool's functionality is an abstraction of industry best practices, and many industry experts confirm it. This operator provides an additional layer of security for the cluster's confidential data and protects engineers from misconfigurations.