Security has always been a wide and complex topic. A recent survey from StackRox about the state of containers and Kubernetes security provides some interesting data on these topics. By Flavio Castelli.
In this blog post, author will dive into some of the findings in that survey and introduce you to Kubewarden, an open source policy engine. The article deals with:
- Security measures and skills are lacking
- Challenges with writing security policies
- A way around the security policy learning curve
- Introducing Kubewarden: An open source policy engine for Kubernetes
- Creating, building and running Kubewarden security policies
- Distributing security policies with Kubewarden
Kubewarden is an open-source policy engine. It integrates with Kubernetes using the widely adopted Webhook Admission Control mechanism. The project provides a set of Kubernetes Custom Resources that simplify the process of enforcing policies on a cluster. Kubewarden differentiates itself in the way it creates, distributes and executes policies. For starters, Kubewarden policies can be written in almost any programming language. This is possible because Kubewarden leverages the power of WebAssembly.
You will also get links to further reading. Nice one!
[Read More]