Securing Kubernetes release artifacts and workload integrity
Attacks on enterprise software build systems have demonstrated the need to protect the integrity of software solutions from coding through to production operations. This can be done by employing secure software supply chain concepts and components. Policies and software supply chain artifacts provide centralized control over risk mitigation, and the knowledge graph provides increased risk assessment insights across the entire software supply chain.
A software supply chain typically refers to all the components and processes required to successfully build, distribute, and deploy a product. This is made up of everything from the source code, to the code repos and artifact registries, to the build servers, and to the deployment and operating systems/tools.
Protecting the Kubernetes software supply chain
Attacks against the supply chain come in a variety of forms, from a direct attack on a company's software build system to the compromise of a third-party dependency. In an infamous attack, hackers infiltrated SolarWinds' build system to inject malicious code into their widely used enterprise management products, enabling severe attacks against SolarWinds' customers. In an attack against Log4j, the ubiquitous open-source Java logging framework, malicious code was added to the Log4Shell tool. This enabled attacks against Log4j users, leading to exfiltrated data, injection of malicious content, and/or takeover of targeted systems.
There is an urgent need to mitigate these risks across the software supply chain by improving security controls. This has been widely acknowledged by authoritative organizations. For example:
- The US Government issued the Executive Order on Improving the Nation's Cybersecurity (EO 14028).
- CNCF's announcement of a paper defining best practices for supply chain security, and the accompanying blog post on Evaluating your Supply Chain Security.
- Google published the SLSA (Supply-chain Levels for Software Artifacts) framework, which is a set of incrementally adoptable security guidelines.
- Microsoft donated the Supply Chain Consumption Framework (S2C2F) to the OpenSSF to provide guidance for securing the OSS dependencies consumed in the developer's workflow.
Creating a secure software supply chain for AKS workloads
The following pages discuss a proven secure software supply chain solution for AKS workloads:
- Secure software supply chain lifecycle logical architecture
- Considerations for building a secure software supply chain
- Notation-based secure software supply chain solution for the Azure Kubernetes Service (AKS)
For more information
- Notary Project: Standards-based spec and tooling for securing software supply chains
- Sigstore: Sign. verify. protect. Making sure your software is what it claims to be.
- Linux Foundation: What is a Software Bill of Materials (SBOM)?
- Cloud Native Computing Foundation (CNCF): A MAP for Kubernetes supply chain security
- MS Learn: Introduction to Microsoft's framework for securing containers