Searching for results...

No results

Your search did not match anything from Mirantis documentation.
Check your spelling or try different keywords.

An error occurred

An error occurred while using the search.
Try your search again or contact us to let us know about it.

Newer documentation is now live.You are currently reading an older version.

Switch to latest✕

Security Guide

This guide provides recommendations on how to effectively use product capabilities to harden the security of a Mirantis OpenStack for Kubernetes (MOSK) deployment. It is intended for cloud operators and administrators who need to implement security best practices, configure security features, and ensure compliance with regulatory requirements.

This guide focuses on practical security configurations and capabilities available in MOSK, including access policies, audit logging, credential management, data protection, firewall configuration, and compliance standards. The goal is to help operators secure their deployments and maintain a hardened and compliant cloud environment.

• CADF audit notifications in OpenStack services
• Rotation of credentials in OpenStack
• Firewall configuration
  • MOSK management
  • Mirantis Kubernetes Engine
  • StackLight
  • Ceph
  • MOSK
  • OpenStack
  • Tungsten Fabric
• OpenStack API access policies
  • New and legacy defaults
  • Changes to upstream default policies in MOSK
• Data protection
  • Data encryption capabilities
  • Encryption of live migration data
  • Encryption of cloud control plane communications
• Compliance
  • Federal Information Processing Standards (FIPS)
  • Center for Internet Security (CIS) benchmarks for host OS
• Container images signing and validation
• LBaaS certificate
  • Monitoring certificate expiration
  • Triggering certificate rotation