Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Threat Modeling] Limit access to Gardener project kubeconfig #56

Closed
1 task done
Disper opened this issue Nov 8, 2023 · 4 comments
Closed
1 task done

[Threat Modeling] Limit access to Gardener project kubeconfig #56

Disper opened this issue Nov 8, 2023 · 4 comments
Assignees
Labels
area/control-plane Related to all activities around Kyma Control Plane bv/security Business Value: Security (see ISO 25010)

Comments

@Disper
Copy link
Member

Disper commented Nov 8, 2023

Reason

We're using a kubeconfig defined in gardener-kubeconfig-path. We should limit the access to it to not allow unathorize access to the gardener project.

KIM has currently too many privileges and can also read other secrets which are not required for his work. This unnecessary privileges have to be removed to follow the least-privilege pattern.

Acceptance criteria

  • review access rights to the gardener project kubeconfig and adjust them to allow only read access for KIM and deny access to any other secret which is not relevant for KIM's regular work
@Disper Disper added the area/security Issues or PRs related to security label Nov 8, 2023
@tobiscr tobiscr added area/control-plane Related to all activities around Kyma Control Plane kind/feature Categorizes issue or PR as related to a new feature. bv/security Business Value: Security (see ISO 25010) and removed area/security Issues or PRs related to security kind/feature Categorizes issue or PR as related to a new feature. labels Dec 18, 2023
@tobiscr tobiscr changed the title Limit access to Gardener project kubeconfig [Threat Modelling] Limit access to Gardener project kubeconfig Jan 2, 2024
@TorstenD-SAP TorstenD-SAP changed the title [Threat Modelling] Limit access to Gardener project kubeconfig [Threat Modeling] Limit access to Gardener project kubeconfig Aug 30, 2024
@Disper
Copy link
Member Author

Disper commented Nov 27, 2024

#524 and #357 improved rbacs also around secrets.
KIM now can only work on secrets that are in kcp-system namespace.
@tobiscr, would that be enough to consider this issue as mitigated?

@tobiscr
Copy link
Contributor

tobiscr commented Nov 28, 2024

Considering #531 we allow access only to secrets within the kcp-system namespace. As KIM has to update regularly secrets in this namespace (e.g. kubeconfigs of SKRs are also stored in secrets), being more restrictive would cause technical implications for KIM.

Closing this issue as KIM has now limited access to secrets.

@tobiscr tobiscr closed this as completed Nov 28, 2024
@tobiscr
Copy link
Contributor

tobiscr commented Nov 28, 2024

Waiting for merge of #531

@tobiscr tobiscr reopened this Nov 28, 2024
@Disper Disper self-assigned this Dec 2, 2024
@Disper
Copy link
Member Author

Disper commented Dec 3, 2024

#531 merged

@Disper Disper closed this as completed Dec 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/control-plane Related to all activities around Kyma Control Plane bv/security Business Value: Security (see ISO 25010)
Projects
None yet
Development

No branches or pull requests

2 participants