GoogleCloudPlatform / gke-application-security-demo
This project demonstrates a series of best practices for improving the security of containerized applications deployed to Kubernetes Engine. You will deploy multiple instances of the same container image with a variety of security settings to illustrate the use of RBAC, security contexts, and AppArmor policies.
☆69Updated 3 months ago
Related projects ⓘ
Alternatives and complementary repositories for gke-application-security-demo
- This project demonstrates a series of best practices for improving the security of containerized applications deployed to Kubernetes Engi…☆94Updated 3 months ago
- In this project, you will leverage Kubernetes Engine and Google Compute Engine to explore how Istio can manage services that reside outsi…☆53Updated 11 months ago
- This project demonstrates a different upgrade procedures best suited for clusters containing stateless and stateful workloads. You will p…☆52Updated 11 months ago
- This is the shared project for two Kubernetes Engine demos☆18Updated 11 months ago
- This guide demonstrates how to improve the security of your Kubernetes Engine by applying fine-grained restrictions to network communicat…☆99Updated 11 months ago
- This project demonstrates how a third party solution, like Datadog, can be used to monitor a Kubernetes Engine cluster and its workloads.…☆23Updated 11 months ago
- Implementation steps and assets for Google Cloud Anthos blueprints https://cloud.google.com/architecture/blueprints/anthos-security-blue…☆44Updated 6 months ago
- This demo builds two GKE Clusters and guides you through using secrets in Vault, using Kubernetes authentication from within a pod to log…☆71Updated 3 months ago
- [Deprecated] Automated Anthos Installation via Terraform for Equinix Metal with vSphere☆63Updated 2 months ago
- PCI on GKE Blueprint: PCI Deployable Architecture on Google Cloud and GKE☆127Updated 4 years ago
- This project walks you through setting up monitoring and visualizing metrics from a Kubernetes Engine cluster. The logs from the Kubernet…☆109Updated 2 years ago
- Golang library which provides functionality to evaluate GCP resources against Rego-based policies☆45Updated 3 weeks ago
- This repository guides you through deploying a private GKE cluster and provides a base platform for hands-on exploration of several GKE r…☆53Updated 5 years ago
- Report OPA Gatekeeper audit violations in Security Command Center.☆42Updated 3 months ago
- ☆39Updated 3 years ago
- A library of constraint templates and sample constraints for Constraint Framework tools☆224Updated 5 months ago
- 📦 Demo generator for Google Kubernetes Engine!☆91Updated 3 weeks ago
- ☆81Updated last year
- Anthos Config Management Examples☆72Updated 3 years ago
- This project covers two use cases for RBAC within a Kubernetes Engine cluster. First, assigning different permissions to user personas. S…☆161Updated 3 months ago
- This project demonstrates how to use an Istio service mesh in a single Kubernetes Engine cluster alongside Prometheus, Jaeger, and Grafan…☆60Updated 11 months ago
- ☆71Updated 5 years ago
- This project demonstrates how Istio's mesh expansion feature can be used to link services accross a VPN. The feature allows for a non-Kub…☆46Updated 11 months ago
- This project describes the steps required to deploy a sample application to Kubernetes Engine that forwards log events to Stackdriver Log…☆52Updated 11 months ago
- This project introduces you to Stackdriver's tracing feature, and provides a distributed tracing example that can serve as a basis for y…☆62Updated 3 months ago
- An application to help with IP Address Management (IPAM) for Google Kubernetes Engine (GKE) clusters. Easily allows the calculation of th…☆58Updated this week
- Handles opinionated VPC Service Controls and Access Context Manager configuration and deployments☆63Updated this week
- This repository hosts the terraform module that helps setup a GKE cluster and environment based on the Enterprise Multi-Tenancy Best Prac…☆26Updated 2 years ago
- An end-to-end operating model for onboarding and continually deploying services with Anthos.☆85Updated 6 months ago