Please use this identifier to cite or link to this item: http://hdl.handle.net/10609/150608
Title: Diseño e implementación de un clúster Kubernetes seguro en AWS
Author: Saldaña López, Angel
Tutor: Albós Raya, Amadeu
Others: Garcia-Font, Victor  
Abstract: Kubernetes security issues negatively impact businesses, for example, causing project delays, customer loss, or regulatory fines from the public administration due to compliance violations or data breaches. This Final Master's Thesis investigates, designs, and implements technical solutions to mitigate the risks of this product, taking the manifest OWASP Kubernetes Top Ten as a reference. Kubernetes plays a crucial role in the modern software development lifecycle because it is a platform with all the capabilities that any application based on microservices needs. Despite these advantages, many organizations reject or postpone using this technology because of security concerns. This thesis has analyzed the principal risks of Kubernetes, taking the threat modeling “OWASP Kubernetes Top Ten” as a reference. We have designed and implemented a secure EKS cluster on Amazon Web Service to mitigate the previously identified threats. After following the vendor's best practices guide regarding system hardening, we provisioned the infrastructure using code developed with Terraform. After that, we deployed security policies using Kyverno to ensure that all workloads meet the security requirements. Finally, we installed Falco to analyze logs and trigger alerts in real-time after detecting suspicious activity, and we configured periodic security scans with Trivy to obtain vulnerabilities reports. With the previous actions taken, security has been integrated into software development lifecycle following DevSecOps methodologies, obtaining an exportable product for the business.
Keywords: Kubernetes
DevSecOps
AWS
OWASP
Kyverno
Falco
Trivy
Document type: info:eu-repo/semantics/masterThesis
Issue Date: 11-Jun-2024
Publication license: http://creativecommons.org/licenses/by-nc-nd/3.0/es/  
Appears in Collections:Trabajos finales de carrera, trabajos de investigación, etc.

Files in This Item:
File Description SizeFormat 
asaldanaTFM0624memoria.pdfMemoria del TFM7,03 MBAdobe PDFThumbnail
View/Open
asaldanaTFM0624presentacion.pdfPresentación del TFM2,26 MBAdobe PDFThumbnail
View/Open
Share:
Export:
View statistics

This item is licensed under aCreative Commons License Creative Commons