performing-kubernetes-etcd-security-assessment


Assess the security posture of Kubernetes etcd clusters by evaluating encryption at rest, TLS configuration, access controls, backup encryption, and network isolation.

DevOps & Infrastructure 12,642 stars 1468 forks Updated today Apache-2.0


Skill Content

# Performing Kubernetes etcd Security Assessment

## Overview

etcd is the distributed key-value store that serves as Kubernetes' backing store for all cluster data, including Secrets, RBAC policies, ConfigMaps, and workload configurations. Without proper hardening, etcd exposes all cluster secrets in plaintext, making it the highest-value target for attackers who gain control plane access. A comprehensive security assessment covers encryption at rest, TLS for transport, access control, backup security, and network isolation.

## When to Use

- When conducting security assessments that involve Kubernetes etcd
- When following incident response procedures for related security events
- When performing scheduled security testing or auditing activities
- When validating security controls through hands-on testing

## Prerequisites

- Access to Kubernetes control plane nodes
- SSH access to etcd cluster nodes (or etcdctl configured)
- CIS Kubernetes Benchmark reference document
- Understanding of TLS certificate management and EncryptionConfiguration

## Assessment Areas

### 1. Encryption at Rest

Verify that Kubernetes encrypts Secret data stored in etcd:

```bash
# Check if EncryptionConfiguration is configured on API server
ps aux | grep kube-apiserver | grep encryption-provider-config

# View the encryption configuration
cat /etc/kubernetes/enc/encryption-config.yaml
```

Expected secure configuration:

```yaml
apiVersion: apiserver.config.k8s.i...
```

Details

- Author: mukul975
- Repository: mukul975/Anthropic-Cybersecurity-Skills
- Created: 3 months ago
- Last Updated: today
- Language: Python
- License: Apache-2.0
