Working with images securely missing links

[matthewfischer]

Would recommend:

https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
https://kubernetes.io/docs/admin/admission-controllers/

Per discussion on kubernauts slack

[matthewfischer]

OTOH security context is already used and admission controllers are not image specific, so open to other ideas

[matthewfischer]

I'm now thinking that it means:

https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry

and

https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod

[matthewfischer]

Could also mean: don't use latest and validate the SHAs:

https://kubernetes.io/docs/concepts/configuration/overview/#container-images

[walidshaari]

I am not sure, I did not pay attention to slack, what objective is this?

[matthewfischer]

"Working with images securely" is the section, under Security

[walidshaari]

I believe you are right when thinking private registry with enabled SSL. admission controllers are new to me, however, seems probable, but, security-context is more with pods and containers, not images. I have to admit the exam seems to have evolved.

[walidshaari]

closing