======== Security ======== ---------- Kubernetes ---------- .. kub-begin |prod-long| security encompasses a broad number of features. .. _overview-of-starlingx-security-ul-ezc-k5f-p3b: - |TLS| support on all external interfaces - Kubernetes service accounts and |RBAC| policies for authentication and authorization of Kubernetes API / CLI / GUI - Encryption of Kubernetes Secret Data at Rest - Keystone authentication and authorization of StarlingX API / CLI / GUI - Barbican is used to securely store secrets such as BMC user passwords - Networking policies / Firewalls on external APIs - |UEFI| secureboot - Signed software updates .. kub-end Contents: --------- .. toctree:: :maxdepth: 2 kubernetes/index --------- OpenStack --------- .. os-begin .. os-end .. toctree:: :maxdepth: 2 openstack/index