Security Guide

This guide provides recommendations on how to effectively use product capabilities to harden the security of a Mirantis OpenStack for Kubernetes (MOSK) deployment.

Note

The guide is being under development and will be updated with new sections in future releases of the product documentation.

• CADF audit notifications in OpenStack services
• Rotation of credentials in OpenStack
• Firewall configuration
  • Container Cloud
  • Mirantis Kubernetes Engine
  • StackLight
  • Ceph
  • MOSK
  • OpenStack
  • Tungsten Fabric
• OpenStack API access policies
  • New and legacy defaults
  • Changes to upstream default policies in MOSK
• Data protection
  • Data encryption capabilities
  • Encryption of live migration data
  • Encryption of cloud control plane communications
• Compliance
  • FIPS compliance