This project demonstrates a series of best practices for improving the security of containerized applications deployed to Kubernetes Engine. You will deploy multiple instances of the same container image with a variety of security settings to illustrate the use of RBAC, security contexts, and AppArmor policies.
☆93Aug 15, 2024Updated last year
Alternatives and similar repositories for gke-security-scenarios-demo
Users that are interested in gke-security-scenarios-demo are comparing it to the libraries listed below
Sorting:
- This project demonstrates a series of best practices for improving the security of containerized applications deployed to Kubernetes Engi…☆71Aug 19, 2024Updated last year
- This guide demonstrates how to improve the security of your Kubernetes Engine by applying fine-grained restrictions to network communicat…☆101Dec 14, 2023Updated 2 years ago
- This project covers two use cases for RBAC within a Kubernetes Engine cluster. First, assigning different permissions to user personas. S…☆165Aug 19, 2024Updated last year
- In this project, you will leverage Kubernetes Engine and Google Compute Engine to explore how Istio can manage services that reside outsi…☆55Dec 14, 2023Updated 2 years ago
- This is the shared project for two Kubernetes Engine demos☆18Dec 14, 2023Updated 2 years ago
- This project walks you through setting up monitoring and visualizing metrics from a Kubernetes Engine cluster. The logs from the Kubernet…☆113Mar 4, 2022Updated 4 years ago
- This project introduces you to Stackdriver's tracing feature, and provides a distributed tracing example that can serve as a basis for y…☆62Feb 20, 2026Updated 2 weeks ago
- This project demonstrates how a third party solution, like Datadog, can be used to monitor a Kubernetes Engine cluster and its workloads.…☆24Dec 14, 2023Updated 2 years ago
- This project demonstrates how to use an Istio service mesh in a single Kubernetes Engine cluster alongside Prometheus, Jaeger, and Grafan…☆60Dec 14, 2023Updated 2 years ago
- This project demonstrates a different upgrade procedures best suited for clusters containing stateless and stateful workloads. You will p…☆53Dec 14, 2023Updated 2 years ago
- This project describes the steps required to deploy a sample application to Kubernetes Engine that forwards log events to Stackdriver Log…☆51Dec 14, 2023Updated 2 years ago
- This project demonstrates how Istio's mesh expansion feature can be used to link services accross a VPN. The feature allows for a non-Kub…☆46Dec 14, 2023Updated 2 years ago
- The tutorial of "Kubernetes Security for Microservices"☆14Oct 3, 2023Updated 2 years ago
- This project installs an Apache Cassandra database into a Kubernetes Engine cluster. Various scripts are contained within this project th…☆39Aug 10, 2019Updated 6 years ago
- This demo provides a basic walkthrough of migrating a stateless application from running on a VM all the way to running it on Kubernetes …☆109Feb 20, 2026Updated 2 weeks ago
- This project shows how easy it is to connect an application in Kubernetes Engine to a Cloud SQL instance, using the Cloud SQL Proxy conta…☆72Sep 25, 2022Updated 3 years ago
- This lab demonstrates some of the security concerns of a default Kubernetes Engine cluster configuration and the corresponding hardening …☆17Jul 29, 2019Updated 6 years ago
- ☆32Jan 5, 2026Updated 2 months ago
- Take automated actions against threats and vulnerabilities.☆216Sep 14, 2023Updated 2 years ago
- Enable Falco to read audit logs from EKS☆11Dec 13, 2020Updated 5 years ago
- Compares and analyzes GCP IAM roles.☆78Mar 9, 2025Updated last year
- This demo builds two GKE Clusters and guides you through using secrets in Vault, using Kubernetes authentication from within a pod to log…☆72Aug 14, 2024Updated last year
- An API gateway plugin to introspect opaque access tokens and forward JWT access tokens to APIs☆18Feb 17, 2025Updated last year
- Automated GKE Kubelet Impersonation and Cluster Secret Stealer via kube-env☆102Sep 10, 2019Updated 6 years ago
- ☆39Aug 13, 2021Updated 4 years ago
- Create a dedicated IaaS instance per Pod to mitigate container breakout (including CPU vulnerabilities depending on the instance type)☆22Dec 11, 2019Updated 6 years ago
- Kubernetes Config Connector Policy Demo.☆24Apr 27, 2021Updated 4 years ago
- These are some of the commands which I use frequently during Malware Analysis and DFIR.☆24Jan 8, 2024Updated 2 years ago
- Deploys Zeek on Google Cloud☆26Feb 24, 2026Updated 2 weeks ago
- ☆22Jul 21, 2020Updated 5 years ago
- CVE database☆21Sep 2, 2020Updated 5 years ago
- Example used in the Cloud Build GitHub app tutorial☆12Apr 12, 2021Updated 4 years ago
- ☆12May 2, 2023Updated 2 years ago
- Simple Kubernetes client for Go☆11Feb 1, 2017Updated 9 years ago
- Kantega Web Application Security Hero Challenge☆19Dec 3, 2020Updated 5 years ago
- Terraform to run Scoutsuite security scan of projects within a Google Cloud Org. Report will be published to a GCS bucket.☆17Jan 5, 2026Updated 2 months ago
- ☆12Mar 31, 2021Updated 4 years ago
- Provide some tips to handle Injection into application code (OWASP TOP 10 - A1).☆10Nov 11, 2020Updated 5 years ago
- A simple way to evaluate the security of your Kubernetes deployment against sets of best practices defined by various community sources☆28Jan 31, 2020Updated 6 years ago