
Attacking And Defending On-Premises And Cloud-Based Kubernetes Services by Sadi Zane

BSides Cheltenham, 51:55, 108 views, published 2023-06

Thanks, everyone. So, who am I? I'm a principal cyber security consultant for PSI digital trust, and I specialize in a couple of areas, particularly in cloud native, container security, orchestration technology, so Kubernetes in particular, and I also specialize in red teaming and purple teaming and general penetration testing. Okay, the agenda: it's to go through what the Kubernetes architecture is and the deployment risks with Kubernetes, in particular on-premise, on bare metal, and then we'll talk about the access control as well as the authentication, and we discuss the RBAC control, and following that I'll have two demos for you, hopefully we reach that. One of them is how to compromise

a service account in Kubernetes when it's misconfigured, gaining full control of your infrastructure, particularly Kubernetes, and then I will move on to the cloud Kubernetes architecture and discuss some of the risks and security concerns icoi exploits when it comes to AKS, so Azure Kubernetes security risks. So, the basics of Kubernetes. What's Kubernetes? It is an open source container orchestration framework and it's developed by Google. It orchestrates and manages containers such as Docker; depending on what container engine you use, it could be different container engines such as rkt. So essentially it orchestrates and manages containers. What problem does it solve? It's basically moving away from the

traditional way of managing services. It divides it into very manageable independent services, so let's say if you have an application and you want to have your payment done by one service, your transaction on a different service, you can independently, basically, have these services as a container. It's not all in one server where the database is there, the application is there, and so that's the essentially straight Oak straight in the business needs. How does the architecture look like? So at the core level of a Kubernetes service there's a master API service, which is in the middle, and then you have etcd, which is the key

value database, and then you've got kubelets, kube-proxies and kube-controller as well as scheduler. So every request that needs to go through any of these services has to go through the kube API server in particular. So if you can see the symbols, basically the secure certificate next to each of these components of the Kubernetes architecture, it's that, for instance, etcd, it's a key value database, so you have a key and value database. Essentially all your configurations, all your stateful information, it's secured in that database. And you have the kubelet, which manages your Kubernetes nodes, so essentially what kubelet does, it's

it manages the containers within the pods inside an infrastructure, and you have the scheduler, which schedules pods into these Kubernetes nodes, and then you've got the kube controller, which is essentially accept different other services, processes within the Kubernetes API. And if you pay attention to the actual certificates, some of the risk I'm going to discuss, particularly on premise, is that the risk is around authentication, the traffic between those components that make Kubernetes. So I'm just going to go through some of them. One of the common ones that I actually see, it's the API server with no TLS encryption as well as no authentication. What that means is

that you've got a Kubernetes essentially runs with no encryption, so no client authentication, so anyone within the network could access your Kubernetes environment. First, there's no TLS encryption, therefore all your traffic is unencrypted; second is that there is no authentication, therefore anyone within that network could access your API server, so essentially access scenario, secrets. And then you have the, this is some of the examples. I'm sorry, I'm not sure whether you can see the screenshots properly or not, but essentially what's happening here is that when you run a default Kubernetes it will need to play on a bare metal a

Kubernetes, it runs on no encryption and no authentication. So here what I'm demonstrating is I'm using basic curl, accessing the secrets on the Kubernetes API server. Because there's no authentication being configured, I can just access the Kubernetes API server and the secrets, all the configurations that are stored in the etcd database. How do you go at mitigating a Kubernetes plain text protocol as well as client authentication? It comes down to PKI. So in most companies probably this is integrated into your PKI, Active Directory, internally, but in some of the instances, if it's just a standalone Kubernetes API, that could be mitigated by actually having a

generated certificate authority, so a CA. So what I'm doing here essentially, I am creating a CA for this Kubernetes environment, which is called ca.key. This talk isn't, basically the talk is having a previous year, so in 2022 in SteelCon, so that's why you see the CA still under the still concierge, but I have updated it. So essentially, mitigating the API server's client authentication particularly, you need to generate your own CA if you're not integrating into your Azure PKI environment. Following that, the generated CA, the issue with on-premise Kubernetes is that you still have to go back to your

API server and add those flags within the API server configuration and restart your API server in order to actually have this take effect. So here, for instance, I am having the TLS cert files, which is the kube API CRT and then the kube API server, so I'm giving those keys in order to mitigate the plain text issue. What's happening here: once I've reconfigured the kube API server I need to restart the API server, and in this instance, as you can see, I am specifying the certificates I've generated and also specifying the --insecure-port 0, meaning that when

the API server actually starts again, this time it needs to go through HTTPS as opposed to HTTP, so clear text. And then in terms of protocol authentication from a client perspective, you still have to generate a user certificate for a user to authenticate through the API server. So here I am basically generating a key for myself, say design.key, and I am issuing that key and basically certifying this key using the CA, the local CA that I've actually used, and as you can see at the bottom I am doing a kubectl get secret and specifying the client authentication, my key, in order to actually access the

secrets in the kube API server. So this is no longer the case of, you know, you can just directly access the API server without authentication and with clear text protocol. The same issue applies to the etcd database, so the core component of the actual Kubernetes. The etcd database, which is the key value database: all your configurations, all your state, all your secrets are essentially stored in that database, so if your etcd database is compromised, essentially your infrastructure has got compromised, and Kubernetes too. So similar issues with the etcd database is that when you deploy an environment there are essentially no authentication and there are also no HTTPS enabled, so in that

particular, as you can see, even Kubernetes, when you deploy it, says the etcd service is running on port 2379 but it's strongly discouraged because, you know, there is no HTTPS, it's not enabled; also there's no authentication. Thank you. So the other issue with the actual etcd database is that if you're not enabling the HTTPS authentication, imagine if you have an attacker that is actually intercepting traffic between your Kubernetes client and your Kubernetes API server. What's happening here is that I'm creating a namespace called client C and then I am pushing some secrets into that,

some secret to that database, so using the --from-literal client key. And what's happening here when I actually, you know, create that secret using, no one HTTPS is not enabled. Instead, if your etcd database is compromised, if actually your database is being copied, so your member database is copied, one could easily recursively look at the database and find clear text information that you've actually pushed. So your database essentially is not encrypted if you're not using the transport, as well as the information on the disk itself is not encrypted. And the client authentication: in terms of cloud authentication it takes a bit more work actually enabling

authentication through the etcd database. It takes some configuration; it's not as simple as just creating client authentication for the API server. With etcd there are some steps that you need to follow to enable authentication to the etcd database. So here, for instance, what I'm essentially doing, I am creating a new key, and the subject, the common name, is etcd service, and at the bottom, if you can see, I am basically issuing the etcd key by using the CA that I generated, so I'm certifying that certificate for the etcd authentication

database, and then again you have to go back to the actual kube API server to essentially add those flags back to the kube API server in order to make sure that HTTPS is enabled as well as your authentication is configured and takes effect, basically. So you have to restart the API server again, so there's a lot of going back to the configuration, restarting. This obviously could be automated, but this is just pure bare metal deployment. But if you also notice, in terms of the etcd database your data is not encrypted by default, so, and if you can see the flag, the actual

encryption-provider-config, which I'm going to discuss, how you can mitigate that issue as well. So how do you go about actually encrypting the database on etcd? You can use one of the config types called kind EncryptionConfig, and I'm here using a random generator, basically, and I'm creating a key and I'm adding that key inside the encrypt etcd.yaml, so essentially I'm having a key now in order to encrypt and decrypt my data within the etcd database. And this is the flag; again you have to go back to the kube API server in order to specify the YAML of the,

basically, the encryption YAML file that you created in order for that to take effect. And here, just for demonstration, when you use that configuration, when you encrypt your etcd database, now if your member database has been, let's say, compromised, even if you look at it recursively, so if you look at the etcd database, you can actually identify any clear text that has been pushed to that database. Okay, so that was the very brief touch around the bare metal deployment. So the more interesting things are coming up now: the Kubernetes access control. So with Kubernetes access control there are these

multiple phases, essentially. So when you authenticate as a client, essentially if you're using kubectl, you have to go through those steps: authentication, authorization and admission control. Authentication: essentially you have to have credentials to be authenticated to the kube API server. Authorization is essentially what rights you actually have, what rights have been authorized for you to proceed to the next step. And lastly is the admission controller, which is, even if you have your authentication and your authorization in place, if your admission controller is enabled, the last decision comes down to the admission controller to allow you to

to make that, to reach those objects that you have on your Kubernetes, and that applies to the client as well as to the pods as well as service accounts. So in terms of authentication, there are multiple authentication types; I'm only covering the ones that I find vulnerable, well, at least with issues. The X.509 client certificate, which is a valid certificate signed by a trusted authority, so you essentially have to issue a certificate for your developers, for instance. And then you've got the static token one, which is essentially just a CSV file, not good. And then you've got the Kerberos and LDAP authentication and OIDC. I'm going to

cover the first two, which I find lots of issues with every time I assess a Kubernetes environment. The one in particular, the client certificate: you obviously have to first sign it by your certificate authority, and at forward to, you have to certify it by your own CA certificate. What I'm doing here now, just for demonstration, I'm creating myself a client authentication key, say design dot key, and then I am authorizing this key through my CA, and then as you can see at the bottom I'm using this key, the client certificate, dot CRT, Zen CRT, as

well as the client key in order to access the Kubernetes environment. So for authentication, essentially you have to have a certificate in order to authenticate to the kube API server. And with the static token file authentication, the issue: essentially you have to create a token.csv, which consists of three formats, so you've got the name, you've got the member and you've got the groups. So say design, so essay, and then you've got the member, which is zero one, and then you've got the admin. So essentially what's happening here is that you're giving someone access with a CSV token, and that CSV token has to live on the disk on the kube API server, so even if it's somebody

compromising we're gonna your cluster, they don't need to actually create a new certificate, etc., etc.; they can just keep, you know, the existing credentials, copy those credentials and use them to perform persistence. And because this CSV file, essentially you can revoke it, that remains within the environment without you even knowing that someone's compromised your environment. So the issues with certificate-based and token authentication: certificates are stored on disk, they don't match, you know, long expiry date, so if the certificates are compromised, your ca essentially called, if somebody has access to your certificate for a long time, they cannot be revoked, therefore they have the same

access if it's two years or four years or 10 years. And for assigning a new group to a user, a new certificate needs to be issued, so every time you need to assign someone to a group in a Kubernetes environment you have to actually issue a new certificate. With the token, tokens are stored in clear text, so if somebody has access to the API server and copies that token, essentially they have access to your cluster a limited time, so phone cannot be revoked. Authorization in Kubernetes. We talked about authentication and authorization; the way authorization works within the Kubernetes environment, there are multiple objects: one is always allow, always deny and RBAC. So

when always allow is enabled in your Kubernetes environment you're essentially allowing, basically, authorization is not enabled. If you always deny, then it blocks all requests. And then you have RBAC, which I'm going to discuss, what RBAC is and how we can exploit RBAC through a demonstration. RBAC is essentially a policy-based control using the Kubernetes API, so it's a very granular way of controlling who has authorization within the Kubernetes API environment. And there is the node, which is a very special authorization, and a bit between the kubelet and the API server. What is RBAC? It's role-based access control. The role is

based on the individual user within the organization, and you can be very granular about who has what access within that Kubernetes environment. It could also be applied to the service account, and I see a lot of issues when too much or excessive access is being assigned to a service account. The primary key objects with RBAC: you've got the role, role binding, cluster roles and cluster role bindings, very mouthful. So the role essentially is a set of rules, a defined set of permissions, so a role could be allow create pods or read pods or execute pods. And then you have the role binding, which basically assigns the permissions defined in a role

to a user, to a server. So you've created the role, and then you've got the role binding, which you assign that role binding to that role. And then you have the cluster role and the cluster role binding. The difference between the cluster role and cluster role binding is that if someone has the cluster role and cluster role binding access, it means they have full access to all the namespaces within the Kubernetes API server. So with the role and role binding it's namespace specific, but with the cluster role and cluster role binding you grant access to all the resources. So if you have a service account, for instance, that has been assigned a cluster role and a cluster role binding and that service

account is compromised, essentially that service account could, you know, access all the namespaces within your Kubernetes environment. That applies on premise as well as on the cloud, no difference. What this RBAC looks like in configuration is just a case of --authorization-mode=RBAC, so that's what basically enables the authorization. So how do you go about actually creating a role-based access control, a role and role binding, for a user? Here I'm using CFSSL, which is the Cloudflare SSL. I'm creating a user called the dev user. Essentially I'm creating a dev user key and a dev user CSR, and I am using the

configuration, essentially, to create myself a certificate, which is using the actual CSR that I've created, dev user.csr. So once I've done that I can apply that to the kube API server. So I'm creating myself a user and I'm going to apply roles and role binding to that user. So here what I'm doing is, once I've applied that CSR, I'm looking at kubectl get csr; as you can see it's pending, of course, and it's created by the master client. So I've created it, and then it's down to the administrator to, you know,

whether they approve that as a user or not, which is at the bottom; as you can see, the certificate is being approved for the dev user. And in terms of the roles and role bindings, what I'm doing essentially here is I'm creating a role called create pods that's specific to RBAC, and that create pods essentially has these permissions, so it has these verbs, so it can get, watch, list and create. So basically these are quite specific permissions within RBAC, and it also has access to pods/exec, which is executing into a pod, so essentially having access inside a pod to a CLI. So this is the actual

role called create pods. And then the role binding itself: you create a role binding, and this role binding is called read pods, and if you look at the kind I'm specifying the role, and I'm also saying the name should be create pods and the user should be dev user. So essentially I have a user that has specific roles and then a specific role binding assigned to that particular user to access a particular namespace, let's say I have get, list and watch and exec into that pod. Quite specific, granular, in terms of accessing that cluster. And yeah, I guess a quick case study. I've recently been working with a client of mine and I came across a

similar case where the client had a Grafana Enterprise 8.3.0, which is vulnerable to a file traversal vulnerability. And what I'm demonstrating here essentially is, this is just a standard YAML file for Grafana, so a pod with a container which contains a Grafana, and it's running on TCP port 3000 by default, and if you notice at the bottom it's basically assigned to a service account which I created; it's called overprivileged. So what I'm essentially trying to do here is that is the vulnerability in the Grafana I'm going to watch that you're going to find is assigned a service

account called overprivileged, and that overprivileged service account has cluster role and cluster role binding permissions. If I compromise the service account through a vulnerability I can use that service account to compromise the entire infrastructure, for instance having access to the kube-system namespace. So here I am quickly demonstrating what the cluster role looks like when it's applied to that privileged service account, known as overprivileged role. So this privileged role has basically access to pods create, also listing secrets, so if I compromise this I can list secrets, I can create pods in any namespace I want. This is a cluster role, not a role,

and if you can see at the top, kind type cluster role. And the cluster role binding, essentially what it says: I want the overprivileged role to be assigned to a service account known as overprivileged in the namespace of secure. So that Grafana is basically deployed inside a namespace called secure. Now this Grafana has a service account with very high privileged permissions, so if anyone compromises Grafana they can take that token and then compromise your entire infrastructure, and I'm going to demo this quickly for you. So here I'm just showing which namespace the overprivileged service account is assigned to, and this service account, the

kubectl get serviceaccount overprivileged, essentially it's assigned to a namespace called secure. And for demonstration, what I wanted to actually demonstrate is that, imagine if you have a vulnerable container in one of your namespaces, for instance the default namespace, and it's assigned the default service account, and if somebody managed to compromise your container, a vulnerable container in, let's say, that default namespace, they can leverage the vulnerability in a different namespace, for instance Grafana, taking that token and then compromise your entire infrastructure. So this YAML file, I'm just demonstrating, I'm creating a BusyBox image, it's called BusyBox, it's actually called bad BusyBox, and if you look at the service account it says

default, so it's assigned a service account default which has no permissions, so very limited permissions. So here what I'm doing essentially, I am executing into the bad BusyBox container, and then following that, if you can see, I'm doing a quick nmap scan. I'm looking for port 3000 because I know Grafana is on there, and as you can see port 3000 is on, but it's on a different namespace, which is the secure namespace. So I can identify now port 3000 running, so Grafana is running on a different namespace in a different container. So in BusyBox, now essentially what I'm doing is I'm just doing some enumeration, for

instance I'm looking at the environment variables inside the BusyBox; clearly this pod is deployed within Kubernetes. And the next thing I'm going to do, I'm going to copy the kubectl on the middle, I'm copying kubectl so that I can actually start interacting with the environment. As you can see I'm using kubectl auth can-i --list, so I'm trying to identify what permissions I have in terms of service account on that bad BusyBox image. As you can see, essentially, at the bottom I have no permissions; I don't have any permissions that I can abuse, the

existing default service account, to gain access or escalate my privilege within the cluster. So now that I basically know there's a vulnerability within the Grafana, what I'm abusing here is that, essentially, I'm very sorry, it's not very clear, but I know that Grafana is running an old version and it's vulnerable to a directory traversal vulnerability, which essentially you can exploit to read files on Grafana's file system. So I am now reading something using the BusyBox, using basically the /var/run/secrets/kubernetes.io/serviceaccount/token, so I'm reading the token from the Grafana. So from the BusyBox pod I've

compromised, now I am using that service account token, the JWT token, and I am using kubectl auth can-i token, the new token. So now from the BusyBox, if you can see at the bottom, basically it says I have access to secrets, which means that I can also get secrets and create secrets. So now that I have, from the bad BusyBox, compromised a new token in a different namespace which has more permissions assigned to it, has the cluster role and cluster role binding assigned to it, what I can do now is use my BusyBox as a pivoting point into the cluster. So

using the new service token I can now access secrets in the kube-system namespace, which is essentially, if somebody compromises your kube-system namespace, your entire infrastructure is compromised, because it contains all the secrets that you can leverage to access any other pods within your cluster environment. And now that I have the token, what I can do is use the BusyBox with the new token that I have assigned to myself, that I stole from the Grafana, to access the kube-system namespace using that token. Now I can basically list all the tokens in kube-system, which is specified at the top, so it's kubectl get secret

-n kube-system --token and the environment variable, which is token. I've basically taken the token from the Grafana's service account in order to escalate my privilege, and now I have full access to all the namespaces within the cluster. There's a demo, but I'm not sure if you can see it or not, but I can definitely take you through it. So I am on my attacking machine. Essentially what I'm doing, I am looking at all the namespaces. I can kubectl get pod; I want to see what pods exist in the namespace of secure, so there's actually a Grafana, and then I am also looking at the

default namespace, which has a BusyBox running, so two different namespaces. Now I am executing into the BusyBox image; just imagine that I've compromised this through some kind of application vulnerability. Now I am inside the BusyBox, I'm looking at the environment variables: okay, I'm in a Kubernetes environment. So the first thing I would do is download the kubectl client, which essentially you can use to interact with the Kubernetes API server. Now that I have basically /bin/bash, which is, I'm in a bash environment, I am basically checking kubectl auth can-i list; I'm just looking at my

default service account permissions to see what permissions I have. I'm still not the overprivileged account, I still can't do much. So I'm just looking to see what permissions I have; as you can see, it just says forbidden, you don't have much of a privilege on this vulnerable BusyBox pod. Now I'm looking at the permissions on the BusyBox, whether I have any permissions. I have no permissions with that service account, which is a default service account; it doesn't have permissions to do anything useful in terms of attacking the cluster. But what I'm doing now, I'm looking at the IP, what my IP addresses are, and

based on that I'm looking at port 3000, which is Grafana's default port, and okay, the port is there, Grafana is basically running on that cluster in a different namespace. And now I know this Grafana is vulnerable to a directory file traversal vulnerability, which means you can use this vulnerability to read the token on the Grafana pod, and I know this pod is assigned a very high privileged account, sorry, permissions. So now I've just demonstrated using the file traversal vulnerability to see if I can list any files; I did /etc/passwd just to see if I can read the password file on

the Grafana. Yes, I can. So now I am just going to look for a particular, in Kubernetes there's a particular directory where the tokens are saved, so I'm just trying to retrieve the token on the Grafana and use that token in order to elevate my privilege on that cluster. So now that I know it's traversal, it's a vulnerability here, I'm just going to look for that token on the remote Grafana's pod. As you can see it's basically the kubernetes.io secret and then token, so if I can get that token on the remote pod, which as you can see is a JWT token, I can use that token,

which is a different service account assigned a lot of permissions, and use that in my BusyBox pod in order to elevate my privilege on the cluster. So now I'm just assigning that token to a variable, so I'm exporting that locally to my BusyBox container. Now I use basically kubectl auth --list --token and then specify the new token that I've compromised from the Grafana, so I'm no longer using the actual default token, I'm using the token from Grafana. And now, we saw the Grafana's token, it has cluster role and cluster role binding, but listing secrets and creating new pods. Now I can use the BusyBox

to fully compromise the kube-system namespace. I think it's very hard to see, I apologize, I wasn't expecting that at all, but I think I've described what the attack is essentially. So now I'm looking at what permissions I have with that token, and at the top it basically says you have create and get, and at the bottom here it says you have listing secrets with that new token, and then I use that token to compromise the infrastructure. I'm sorry the video wasn't great; the screenshots, for some reason they're blurry. But if I quickly move on to the actual cloud Kubernetes service architecture. So the architecture with

AKS or any other cloud is different. From the cloud perspective you no longer manage the API server or etcd, so you have no access to etcd and the controller manager as well as the kube API server. So it's a shared responsibility; it means that in this instance the cloud provider, Microsoft, manages all that, but your responsibility as a customer, you're responsible for AKS nodes, so essentially the nodes that make up the cluster are your responsibility in terms of security. So I'm going to look at some of the default security concerns with the Azure environment. Some of the issues that I see

um a massive clients that actually I work with and it seems that they're failing on the following one is the pod security admission PSA by default PSA on 1.223 onward is enabled but um it's not uh it essentially it's enabled but it's actually it's not in a restricted or enforced mode meaning that your uh the the admission controllers are enabled but they they're not doing what they're supposed to be doing and there is the network security and network policy and that there's a secret so I'm going to go through each of them so first thing first I need to describe what pod security admission is in Azure pod security admission it's a technical control and enforces the pod security standards

so PSA basically on pods running in a namespace what it means in short is that the PSA decides whether a a pod should run on your cluster or not even if somebody if a developer has the authentication even authorization supplied if the pod security is applied and it's enabled and it's enforced for instance the pod security PSA basically decide whether this pod should be in that environment or not the pod security works in uh it has two objects which is the pod security levels and the pod security modes the level it's the privileged baseline and restricted which is the privileged is that everything gets allowed if you enable pod security PSA with a privileged essentially allowing everything into

your cluster in terms of PSA and you have the baseline and restricted the baseline mode is essentially a set of rules that the admission controller applies to your pod it could be things like okay don't run your pod with a privileged uh security context don't run don't allow a pod to obtain lots of resources for instance and you have the restricted which is I would recommend is that your PSA essentially is in a very restricted mode only allows specific templates to uh basically get stored on your node so essentially a pod in your node and then you have the enforce audit and warn essentially if you enforce it it is applied and so uh and if it's an

audit it only holds it or audits but it doesn't do much it still allows the pod to be deployed and then and and the last one is warn which is even if you enabled admission controller in AKS and what happens here is that the even if it's enabled but it sets the warning mode it just warns the developer okay this template is actually not good it's not uh you know it's not based on the standards it's not a good security practice but it still persists on your uh environment so it still allows it so for instance here is that a case study which most of time when I'm testing environments I quite easily gain

access to a when when admission controller when PSA is not enabled I can fully compromise the AKS nodes by simply basically using a template like this a simple manifest file which is what it is is that I have a pod called hacker node pod and it has those specs basically very privileged specs specified so host network host PID host IPC and it's if you look at in the middle which is the security context which is the key one it says privileged equal true and then mounting path which is forward slash host essentially it says if if I apply this to a AKS cluster what it does it mounts the host uh basically file system which is a server on AKS

and what happens is if I apply this and I can chroot into the host mounting file and I fully compromise the actual AKS node so I can essentially compromise the server that makes your kubernetes API so all your basically containers stay on nodes and if I can quickly show you how this is done for this for example the the workload that the manifest I just showed you it what I'm doing I'm applying the the work the workload template to the a namespace called secure and it creates a pod and then once I've one once I created the pod basically it mounts the AKS node file system now I am simply exec exec-ing into the the uh the actual the

uh hack hack the pod that I've created and then here if you can see I'm doing kube exec a hyphen hyphen it which is interactive into the pod and the in uh in the namespace secure and then I'm doing a sh so a shell I'm going inside the shell inside that hacker pod and then here I'm doing chroot forward slash host what it does the chrooting is basically into the AKS pod I'm no longer AKA is basically not I'm no longer inside the actual uh the hacker pod I am now in your AKS file system so I mean you I'm in the AKS node so in the service and this is the demo I think it's

probably not I'm not sure whether you can see it or not but okay I'm gonna move that I think because as you can see it and the so once you basically you know if you this is how you compromise AKS node but if you decided to apply a if you apply the PSA correctly and you push the enforce mode what you could do is you can you can enable the PSA on your AKS cluster and in the enforce mode I'm basically once I enable this here I'm enabling it here and based on a label now I am trying to apply the same uh I'm applying the same vulnerable or over privileged pod I've created earlier kubectl apply

-f ttp.yaml in the secure namespace I can no longer do that basically because PSA's instantly denying saying okay you are trying to do you acts you you've got the security context privileged equal true and you've got your image is basically mounting a file a file system on the share so it's it applies the default enforced privileged PSA rules on that cluster like no longer even if I want to actually make it vulnerable it's not possible because it's in an enforce mode the PSA um the other issues that I do see is the networking and in particularly networking in kubernetes is actually complex you've got the internal and the external the same concept internal traffic that's

facilitated communication between pods and nodes so you when you create your network and essentially you want to have or you don't necessarily want to have communication between your pod in one namespace to another namespace and then you've got the external network which you want your workload that you know whether you want to your workload to connect to the internet or not in terms of networking the the security concerns with that is the biggest one that I see which uh quite often is the kubernetes API server so the main API service it's deployed but is not restricted to your own network so essentially you don't have uh uh anyone can access to your API server you haven't whitelisted your

API server to only your network and this is just an example this is just an example of basically uh if somebody compromises any uh pods in your network and they can they can take the token and then they can access your API server anywhere because you haven't enabled the you haven't whitelisted your API server to your network so my recommendation would be the first thing at least you want to do is that you want to restrict your API server to only your network um you don't want to just be exposed to the public because any vulnerabilities in your cluster would somehow give access to an attacker direct access to the your your kubernetes cluster

um I think I'm conscious of time yeah I think I've got a couple more slides but I think uh the other one is the uh the the other issue is with your metadata within your kubernetes API server it's just not restricted so you want to basically restrict your metadata inside your pods so you don't want anyone in the pod to retrieve metadata in your Azure environment so you can do that through network policy I'm just going to be faster and this is the steps I can share the slides how you can go about actually deploying those controls in terms of restricting metadata within your AKS cluster and then also from any pods within

AKS environment you can directly Nmap or scan to your cluster and you can see this SSH basically running on your nodes so you want to obviously restrict that as well and you want to obviously isolate the pods ingress policy you don't want all the pods within different namespaces talk to each other it needs to be quite specific two more slides um and then you can do this using basically ingress and then you know using select types so you can say I want a pod A from cluster from namespace default only connect to uh pod B in a namespace secure sorry you don't want all the pods to communicate to each other because that's how bad things

happen and then you've got the explicit communications which you only allow particular nodes pods to rest to go outside of the kubernetes API server so connected to the internet and lastly is the kubernetes secret uh secrets are not encrypted it's base64 you want to use some third-party providers to manage your secrets as I mentioned it's all base64 so use open source solutions CyberArk HashiCorp etc and that's all sorry that was very quick [Applause] any questions I think it's just waving someone else sure go ahead

actually Defender for for Cloud only identified to one of the issues which is restrict your API server to outside the rest of it doesn't cover any other questions okay thank you thank you
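An added example, not part of the talk or the speaker's slides: a small offline check for the Pod Security Admission point made above, reporting when a namespace's labels leave PSA in a non-blocking mode and which of the host-level settings named in the talk a pod object carries. The pod object, its names and the assumption that an unlabelled namespace falls back to the upstream `privileged` default are constructed for illustration.

```python
# Added example. Inputs below are constructed, not taken from the talk's slides.
PSA = "pod-security.kubernetes.io/"  # namespace label prefix used by Pod Security Admission

def psa_findings(ns_labels):
    """Explain why a namespace's PSA labels would not stop an over-privileged pod."""
    enforce = ns_labels.get(PSA + "enforce")
    if enforce in ("baseline", "restricted"):
        return []
    if enforce == "privileged":
        return ["enforce=privileged admits everything"]
    # Assumption: with no enforce label the cluster default applies (privileged upstream).
    out = ["no enforce label: cluster default level applies"]
    out += [f"{m}={ns_labels[PSA + m]} only reports, the pod is still admitted"
            for m in ("audit", "warn") if PSA + m in ns_labels]
    return out

def risky_pod_settings(pod):
    """List the host-level settings named in the talk that appear in a pod object."""
    spec = pod.get("spec", {})
    hits = [k for k in ("hostNetwork", "hostPID", "hostIPC") if spec.get(k) is True]
    for c in spec.get("containers", []) + spec.get("initContainers", []):
        if (c.get("securityContext") or {}).get("privileged") is True:
            hits.append(f"privileged container: {c.get('name')}")
    for v in spec.get("volumes", []):
        if "hostPath" in v:
            hits.append(f"hostPath volume: {v['hostPath'].get('path')}")
    return hits

def admitted(ns_labels, pod):
    """True if the pod would still be admitted, judged only on the fields checked above."""
    return bool(psa_findings(ns_labels)) or not risky_pod_settings(pod)

# Constructed pod object carrying the settings described in the talk.
SAMPLE_POD = {
    "metadata": {"name": "sample-pod", "namespace": "secure"},
    "spec": {
        "hostNetwork": True, "hostPID": True, "hostIPC": True,
        "containers": [{"name": "shell", "securityContext": {"privileged": True},
                        "volumeMounts": [{"name": "host", "mountPath": "/host"}]}],
        "volumes": [{"name": "host", "hostPath": {"path": "/"}}],
    },
}

if __name__ == "__main__":
    for labels in ({PSA + "warn": "restricted"}, {PSA + "enforce": "restricted"}):
        print(labels, "admitted:", admitted(labels, SAMPLE_POD), psa_findings(labels))
    print(risky_pod_settings(SAMPLE_POD))
```

The check covers only the fields the talk names; the real baseline and restricted levels test more than this.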