.. _index-security-84d0d8aa401b:

========
Security
========

----------
Kubernetes
----------

.. kub-begin

|prod-long| security encompasses a broad number of features.

.. _overview-of-starlingx-security-ul-ezc-k5f-p3b:

-   |TLS| support on all external interfaces

-   Kubernetes service accounts and |RBAC| policies for authentication and
    authorization of Kubernetes API / CLI / GUI

-   Encryption of Kubernetes Secret Data at Rest

-   Keystone authentication and authorization of StarlingX API / CLI / GUI

-   Barbican is used to securely store secrets such as |BMC| user passwords

-   Networking policies / Firewalls on external APIs

-   |UEFI| secureboot

-   Signed software updates

.. kub-end

Contents:
---------

.. toctree::
   :maxdepth: 2

   kubernetes/index-security-kub-81153c1254c3

---------
OpenStack
---------

.. os-begin

.. os-end

.. toctree::
    :maxdepth: 2

    openstack/index-security-os-a2375141dcc2