From YouTube: Kubernetes SIG Security Docs 20210318
A
Welcome everyone, today is March 18th, SIG Security, documentations of project meeting. We abide by community's code of conduct, which means be nice to one another and to yourself, right. Any new contributors?
B
I mean I'm new, I mean like, although I've reached out on like Slack and stuff but yeah. This is my first time attending the the doc subproject, so yeah, excited to contribute.
A
A
Right, I'm gonna drop your name there, perfect. So we have only one item. The arjuna and Rory here has put together. So we are working on Kubernetes hardening guide and Rory here has put together some nice starter guide kind from where we can expand the ideas and go from there. So if you want to give more like just a quick rundown and they'll be great, cool.
C
Yeah nope hi yeah, so I'll do that so yeah. So this is just the document. We had a brainstorming document which is linked out of this. This, which was like an initial ideas and then what this is doing is just really trying to lay out the audience and scope and link some existing content and leia. Also the approach, because one of the comments we had of the brainstorming document was that we don't want to like cross too much with the CIS benchmark.
C
So that's like the hopefully, the kind of where this is different or lacking something new and then what we've done here is and- and I was just talking to everything about this before it's just- we've got a section list, and these are all just ideas for things we think could be covered. That came from the brainstorming document and some initial ideas. So if anyone wants to take a piece of this, if they want like say yeah, I'm really interested in, for example, workload security configuration.
C
Then we can just tag these and just say you know right so and so whoever's going to look at that wants to take that one on and then hopefully we can like flesh it out and like it's done in a Google Doc. So everyone can like edit and like put suggestions in and all that kind of good stuff, and we've got quite a few sections. I mean this. I think this could end up being a fairly long document.
A
That is perfect, so these are the things that we are looking for, or we would like like to have them on the Kubernetes website itself. Right now, it's very hard. The these documentations all over the place- and I don't know if I have ever come across like few very few one- was from Microsoft- something specific to Kubernetes threat model.
A
So I think this would be a really good thing and if it gets bigger, I think we can even make a page out of it like these are all can be like some child pages of a parent page called Kubernetes hardening or something like that.
C
C
That is actually a good point. The one thing we can probably link to is, I know that the MITRE people are doing an ATT&CK thing for containers. So it's not like specific to Kubernetes but they're doing like a general, I missed the meeting they had, CNCF SIG Security was yesterday and my time zone's messed up because it's daylight savings this week.
C
So the day of the week, I've missed meetings, but there is a there's a thing from someone from writer to the talk, so that should be online soon to look at and that might maybe we could link from that from threat modeling bit as well.
A
Yeah, that would be amazing, like if there is something else I just want to link it out so that we are not duplicating the efforts or like going through the hassle of maintaining it. It will be difficult, but I'm on for linking things out and I also missed a meeting. I wanted to make sure that- and I am also I am visiting my husband in Seattle, so I'm three hours ahead and I'm missing so many meetings because of that.
C
A
That sounds good to me and we so we can have those things, that's very important. I think those two topics are really important. I think we use with so many folks. I don't even know like I think, not everyone's looking at the not every administrator is looking from the security perspective.
A
Sometimes the mindset's like it can be added afterwards or like not everyone's developing the mindset of security in their like whenever they start designing or stuff. I think having these would really help.
C
Yeah yeah, I'm hopeful, I hope so. I'm hoping this kind of like answers the question of someone saying, you know, I'm coming to Kubernetes security, where should I start? I was kind of in my head. The question we were answering we would say right, here is somewhere to start. You can start here, you can look through stuff, it won't be everything, but it will link you to other places. You can learn more.
A
I just wanted to ask one thing that I saw everything with the peak in my PKI management. Are we gonna add like cert authority or something whatever that available in in that area, or this is like totally something different.
C
C
Certs, because managing those certs seems to be a thing that I think causes problems, because if you lose, you know, if you let anyone read the keys, that's your cluster. You know you have to rotate everything and it's a nightmare. So it's a bit around that because I think PKI management comes quite hard to people who don't haven't done in the past.
C
It's a bit of a weird topic, so I was kind of hoping we could put a little bit in there about that and maybe some options around what people can do to link it to like their own certificate authorities. That's not something I'm super experienced with, though, so we probably would have to try and like find someone. I'm sure we can find someone, though, he's done that.
A
C
Yeah, absolutely, I think I think what we'll probably find is that by putting stuff up we'll start getting more input, I'm sure you're right and and yeah. So I think I think, if we can even get like kind of a like a set of things like a kind of working set in each area, then at that point I'm sure once we put up people, people be like: oh, you missed this or that and we can expand it.
A
Sounds good to me, so sorry, I I don't mean to cut you. I think I'm not sure if it got you when you were giving that unknown. So no.
C
That was yeah. That was pretty much all I had so, if anyone's getting any questions, then that's cool but otherwise yeah. I think that's like a decent place to start.
A
A
If you are comfortable with putting this a link out there, we'll just put that and then ask for volunteers, anyone wants to collaborate, contribute, hop on, take a topic, couple of them. Whatever is not assigned to anyone like these are some of the ideas that I have either.
C
A
So I'll do one thing, so we will we if you want create issue, if you don't have time I'll create an issue and target and then the next SIG Docs meeting. So I'm going to put this on security as well, and then we can put it on SIG Docs and I'll let in the next meeting and let them know that we are looking for volunteers there.
A
Newcomers here- and I think I met Sladen and see really sorry, but yes, so folks like that can pick up stuff if they are interested and if they are here to learn. That is fine too, like more people when they talk, we get more ideas so.
A
Do that, so let me know if you want to create an issue: fine, if not.
C
Yeah, if you could like point me in the right direction, that'd be awesome, because I I'd like to try it because I've never done it before. So it's really good opportunity for me to try. And yes, if you point me in the right direction, I'll I'll try and do that and then we'll go from there.
A
A
Know right and it's wonderful and Slaven, do you have anything to add? I know you are looking to contribute and yeah.
B
A
That is wonderful, feel free to comment and if you have any feedback, if you want to pick up something and anything and any contribution of any kind is welcome, yeah sure, thanks a lot.
A
Thank you for joining us good today, all right, I, I think sorry Rory, I didn't mean to cut you.
A
So that's all we have today. So if no one has anything I'm going to end the meeting and then give everyone 15 minutes back.