The OpenStack Security Guide provides best practices learned by real cloud operators while hardening their OpenStack deployments.
This book was written by a close community of security experts from the OpenStack Security Group in a short, intense week-long effort at an undisclosed location. One of the goals for this book is to bring together interested members to capture their collective knowledge and give it back to the OpenStack community.
In this book you'll find practical security guidance:
- Discussions about each OpenStack service
- Information about isolating security domains and securing domain bridges
- Public and private cloud considerations
- Best practices for management layers and access
- Secure node bootstrapping and hardening
- SSL, SSH, and PKI availability per OpenStack service
- API endpoint best practices
- Security for messaging transport and queues
- Database and data security best practices and considerations
- Hypervisor selection advice
- Security services available for OpenStack instances and trusted images
- Migration information
- Logging information and considerations
- Access control and identity management concepts
This work is licensed under a Creative Commons Attribution 3.0 United States License.