Release Date: 14/09/2019 | Issue: 3
The Cloud Security Reading List is a low-volume mailing list (once per week) that highlights security-related news focused on the cloud native landscape, hand-curated by Marco Lancini.

This week's articles


Shielded GKE Nodes are now in beta
Shielded GKE nodes provide strong, verifiable node identity & integrity, giving assurance that your node OS hasn't been tampered with and is running in a Google data center.


Kubernetes IoT Edge Security Whitepaper
The Kubernetes IoT Edge Working Group has developed a whitepaper to expose the security challenges of distributed deployments outside of the typical data center. The whitepaper identifies a comprehensive list of edge security challenges and concerns that the CNCF and Kubernetes communities should recognize.


OWASP ZAP chart for Kubernetes
How to perform a vulnerability analysis on a host using Kubernetes as the platform. The chart creates a Job that deploys a pod that will scan the host for any vulnerabilities.


Announcing Maesh
A Lightweight and Simpler Service Mesh Made by the Traefik Team. One of the main differences is that Maesh does not use any sidecar container but handles routing through proxy endpoints running on each node. The mesh controller runs in a dedicated pod and handles all the configuration parsing and deployment to the proxy nodes.


Ever wondered what's a Virtual Kubelet?
Nice post which describes the concepts behind the Virtual Kubelet, an open-source implementation of the kubelet with the purpose of connecting Kubernetes to other APIs. Beware of the security implications (like communicating with other services outside of the Kubernetes cluster and outside of the region/cloud provider) though!


How AWS data transfer gets billed. Simple, right?
That's a nice illustration from Corey Quinn (@QuinnyPig)

Copyright © 2019-present The Cloud Security Reading List.