docs/doc/source/security/index.rst

========
Security
========

----------
Kubernetes
----------

|prod-long| security encompasses a broad number of features.


.. _overview-of-starlingx-security-ul-ezc-k5f-p3b:

-   |TLS| support on all external interfaces

-   Kubernetes service accounts and |RBAC| policies for authentication and
    authorization of Kubernetes API / CLI / GUI

-   Encryption of Kubernetes Secret Data at Rest

-   Keystone authentication and authorization of StarlingX API / CLI / GUI

-   Barbican is used to securely store secrets such as BMC user passwords

-   Networking policies / Firewalls on external APIs

-   |UEFI| secureboot

-   Signed software updates

.. toctree::
   :maxdepth: 2

   kubernetes/index

---------
OpenStack
---------

.. check what put here

.. toctree::
    :maxdepth: 2

    openstack/index
Security guide update Re-organized topic hierarchy Tiny edit to restart review workflow. Squashed with Resolved index.rst conflict commit Change-Id: I13472792cb19d1e9975ac76c6954d38054d606c5 Signed-off-by: Keane Lim <keane.lim@windriver.com> Signed-off-by: MCamp859 <maryx.camp@intel.com> 2020-08-31 11:01:56 -04:00			`========`
			`Security`
			`========`

			`----------`
			`Kubernetes`
			`----------`

			`\|prod-long\| security encompasses a broad number of features.`


			`.. _overview-of-starlingx-security-ul-ezc-k5f-p3b:`

			`- \|TLS\| support on all external interfaces`

			`- Kubernetes service accounts and \|RBAC\| policies for authentication and`
			`authorization of Kubernetes API / CLI / GUI`

			`- Encryption of Kubernetes Secret Data at Rest`

			`- Keystone authentication and authorization of StarlingX API / CLI / GUI`

			`- Barbican is used to securely store secrets such as BMC user passwords`

			`- Networking policies / Firewalls on external APIs`

			`- \|UEFI\| secureboot`

			`- Signed software updates`

			`.. toctree::`
			`:maxdepth: 2`

			`kubernetes/index`
Upstreaming WRO Removed duplicate abbrev definitions Signed-off-by: Rafael Jardim <rafaeljordao.jardim@windriver.com> Change-Id: I7910d9f54e158250004abd7e17a4e119f8064252 Signed-off-by: Ron Stone <ronald.stone@windriver.com> 2021-03-18 08:11:53 -03:00
			`---------`
			`OpenStack`
			`---------`

			`.. check what put here`

			`.. toctree::`
			`:maxdepth: 2`
CephFS RWX Support in Host-based Ceph Incorporated patchset 1 review comments Updated patchset 5 review comments Updated patchset 6 review comments Fixed merge conflicts Updated patchset 8 review comments Change-Id: Icd7b08ab69273f6073b960a13cf59905532f851a Signed-off-by: Juanita-Balaraj <juanita.balaraj@windriver.com> 2021-04-19 00:22:38 -04:00
Upstreaming WRO Removed duplicate abbrev definitions Signed-off-by: Rafael Jardim <rafaeljordao.jardim@windriver.com> Change-Id: I7910d9f54e158250004abd7e17a4e119f8064252 Signed-off-by: Ron Stone <ronald.stone@windriver.com> 2021-03-18 08:11:53 -03:00			`openstack/index`