generated from coulomb/repo-seed
45 lines
1.2 KiB
Markdown
45 lines
1.2 KiB
Markdown
# Pattern: Secure Cluster Baseline
|
|
|
|
Status: seed
|
|
Readiness target: RL3 production
|
|
Primary owners: Railiance platform
|
|
Genesis family: Kubernetes and platform
|
|
|
|
## Problem
|
|
|
|
Production Kubernetes clusters inherit unsafe defaults unless baseline
|
|
hardening is explicit, versioned, and verified.
|
|
|
|
## Context
|
|
|
|
Use this pattern for every cluster class that hosts platform services,
|
|
tenant workloads, identity services, secret managers, or production
|
|
applications.
|
|
|
|
## Forces
|
|
|
|
- Kubernetes exposes many powerful APIs by default.
|
|
- Platform add-ons need privileged access but must be bounded.
|
|
- Baseline controls must survive upgrades.
|
|
- Product teams need predictable guardrails.
|
|
|
|
## Solution
|
|
|
|
Define a secure cluster baseline covering API server settings, RBAC,
|
|
node hardening, pod security, admission, network policy, secret
|
|
handling, audit, backups, and upgrade posture.
|
|
|
|
## Verification
|
|
|
|
- Cluster baseline checks run before production admission.
|
|
- Privileged Kubernetes APIs are limited and reviewed.
|
|
- Audit logging, backup, and restore paths are enabled.
|
|
- Upgrade tests verify baseline controls remain active.
|
|
|
|
## Related Patterns
|
|
|
|
- Pod Security Baseline/Restricted.
|
|
- Policy-as-Code Admission Control.
|
|
- Network Default Deny.
|
|
- Runtime Threat Detection.
|