KubeCon + CloudNativeCon Europe 2021 Virtual

Container Storage Interface (CSI) has made it easy for stateful workloads to consume storage - but does it protect your data from unauthorized access? The CSI standard only orchestrates the creation of volumes, snapshots or clones. How do you ensure that neither other workloads in the same Kubernetes cluster nor someone outside the cluster can access your data? You will learn the inherent security models provided by Kubernetes as well as additional configurations you can and should apply. Beyond concepts and architecture, a series of short demos will cover topics such as: - Security of Persistent Volume Claims and Persistent Volumes throughout their lifecycle - Pod Security Policies and volume types - File system permissions on your volumes - Securing common storage protocols such as iSCSI and NFS - Securing CSI drivers in your cluster