chore: add shared security responsibility doc #597

Merged
merged 3 commits into from
Oct 14, 2021
apply changes due to review
Katie Horne committed Oct 13, 2021
commit 01bed0442079b03051a7089ea575d7a76f9cb300
42 changes: 21 additions & 21 deletions guides/admin/shared-security.md
Expand Up @@ -30,25 +30,25 @@ performance:
- Depletion as denial of service
- PVC
- Ephemeral
- Networking
- Encryption (mTLS)
- Certificates
- TLS certificates presented by `coderd`
- TLS certificats presented by the applications with which Coder
interacts
- Boundaries (e.g., network policies)
- External interactions (ingress and egress)
- IP address depletion as denial of service
- Each workspace gets an IP address in the `pod` subset
- Each dev URL gets an IP address in the `services` subnet
- Kubernetes roles
- Service accounts for Coder to create pods
- Cluster admins (use of cluster admins can pose a security risk)
- Cloud access to the control plane
- Node security
- Upgrades to keep up with Kubernetes
- Access to node user accounts
- Cloud access to nodes
- Networking
- Encryption (mTLS)
- Certificates
- TLS certificates presented by `coderd`
- TLS certificats presented by the applications with which Coder
interacts
- Boundaries (e.g., network policies)
- External interactions (ingress and egress)
- IP address depletion as denial of service
- Each workspace gets an IP address in the `pod` subset
- Each dev URL gets an IP address in the `services` subnet
- Kubernetes roles
- Service accounts for Coder to create pods
- Cluster admins (use of cluster admins can pose a security risk)
- Cloud access to the control plane
- Node security
- Upgrades to keep up with Kubernetes
- Access to node user accounts
- Cloud access to nodes

### Recommendations

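Review bot: Two typos survive in the re-indented Networking block and should be fixed while these lines are being touched: "TLS certificats presented by the applications" should read "certificates", and "Each workspace gets an IP address in the `pod` subset" presumably means "subnet", matching "`services` subnet" on the following line. As rendered here the 21 removed and 21 added lines read the same, so if the change is indentation only, saying so in the commit message would make the diff easier to review.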
Expand All @@ -72,14 +72,14 @@ deploying security controls:
- Site admins could convert a user authenticating via OIDC to built-in,
allowing the admin to impersonate the user
- Container registry
- The registry account used to add the registry should be a specific
- The registry account used to access images should be a specific
Coder-only account so that Coder users can only pull approved images
- CVMs can only pull unauthenticated containers, which means that any user can
reference any container within the registry
- Git provider
- OAuth linkage allows Coder admins to perform actions as the linked Git user
- SSH keys generated by Coder and added to workspaces can be used to
facilitate 2FA to Coder via GitLab
circumvent 2FA to GitLab via Coder
- Git integration request both SSH and HTTPS access to function
- Access to all user repos must be added to a Coder workspace to clone private
dotfiles repos
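Review bot: In the Git provider bullets, the reworded line "circumvent 2FA to GitLab via Coder" now names a bypass but leaves the admin with nothing to act on. Suggest adding a clause that states the recommended control or links to it, the way the registry bullet does with "should be a specific Coder-only account". Two smaller points in the surrounding context: "Git integration request both SSH and HTTPS access" has a subject-verb mismatch, and "so that Coder users can only pull approved images" reads as contradicted by "any user can reference any container within the registry" unless the text makes clear that the second statement is a CVM-specific exception.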