Files
awesome-kubernetes/v2-docs/securityascode.md
Nubenetes Bot 4f5d93f271 feat(ai): integrate Claude Code course and video hub update
- Added Anthropic 'Claude Code in Action' course to AI Agents and MCP sections.
- Integrated '6 Levels of Claude Code' video to the V2 Video Hub.
- Updated centralized inventory.yaml and regenerated V2 Elite Portal.
- Deduplicated Claude Code references in V1 archive.
2026-06-11 15:20:39 +02:00

19 KiB
Raw Blame History

Security Policy as Code

!!! info "Architectural Context" Detailed reference for Security Policy as Code in the context of Hardened Infrastructure.

Standard Reference

Cloud Infrastructure

Kubernetes

Policy-as-Code

  • Kyverno 🌟 [DE FACTO STANDARD] — A CNCF graduated Kubernetes-native policy engine.
  • Allows policy definition as standard Kubernetes resources (YAML).
  • Eliminates the need for complex DSLs like Rego.
  • Simplifies admission control, generation, mutation, and validation of workloads.
  • kyverno.io: 56 sample policies 🌟 [DOCUMENTATION] [ENTERPRISE-STABLE] — A rich library of ready-to-use Kyverno policy definitions. These templates address common cloud security standards (Pod Security Standards, multi-tenancy constraints, best practices, and resource optimization parameters) for instant cluster hardening.

Identity and Access Management

Cloud IAM

Microsoft Entra

  • Configure Microsoft Entra for Increased Security [DOCUMENTATION] [ENTERPRISE-STABLE] — Official documentation outlines hardening parameters for Microsoft Entra ID. Features prescriptive blueprints for setting up conditional access, continuous access evaluation, Multi-Factor Authentication (MFA), and role-based identity management.

Public Cloud Platforms

AWS

EKS Security and Isolation

Policy Management

Security

DevSecOps

SAST

  • GitHub Code Security Risk Assessment: Free Vulnerability Scanning [EN CONTENT] [COMMUNITY-TOOL] — An introduction to GitHub's native, free vulnerability scanning tools designed to locate security regressions, secrets, and supply chain threats directly within the code repository. It highlights automated security alerts and quick enablement configurations.

💡 Explore Related: IaC | Terraform | Ansible