Kubernetes

• The Azure Kubernetes Service Checklist - ✨ Be ready for production ✨
• Udemy - Kubernetes Certified Application Developer (CKAD) with Tests
• K8sGPT
• Azure Container Storage: A New Dawn in Kubernetes Storage Solutions
• K9s - “Kubernetes CLI To Manage Your Clusters In Style!”
• Rancher Desktop
• Minikube
• https://github.com/GoogleCloudPlatform/microservices-demo
• steveteuber/kubectl-graph: A kubectl plugin to visualize Kubernetes resources and relationships.
• Must Read Free Kubernetes Books ~ Bilgin Ibryam (@bibryam)
• AKS (Kubernetes) day-2 operations guide - Azure Architecture Center | Microsoft Learn
• Introducing the Azure Linux container host for AKS
• How to use Gatekeeper | Gatekeeper
• learnk8s - Kubernetes Research
• Azure DevOps agents on AKS with workload identity - DEV Community
• “Hacking Container Security” - Super Cyber Friday - crowdcast
• Explore the Azure Kubernetes Service cluster and node architecture - Training | Microsoft Learn
• Deliver apps from code to cloud with Azure Kubernetes Service
• Deploying ASP.NET Core applications to Kubernetes
• Performing a Rolling Update
• Virtual Patching Best Practices
• kubelogin - used for Azure Entra ID login
• Tetragon - eBPF-based Security Observability and Runtime Enforcement
• Deploy containers by using Azure Kubernetes Service - Applied Skills | Microsoft Learn
• Must Read Free Kubernetes Books ~ Bilgin Ibryam (@bibryam)
• iximiuz/kexp: k’exp - Kubernetes Explorer
• Argo CD - Declarative GitOps CD for Kubernetes
• techiescamp/kubernetes-learning-path: A roadmap to learn Kubernetes from scratch (Beginner to Advanced level)
• Kubernetes Virtual Book Club
• Send a Signal to a Kubernetes App: a Non-Root Container Case | Challenge
• wagoodman/dive: A tool for exploring each layer in a docker image
• kubernetes-sigs/kube-scheduler-simulator: The simulator for the Kubernetes scheduler

Security

• Securing container deployments on Azure Kubernetes Service with open-source tools
• Leveraging Defender for Containers to simplify policy management in your Kubernetes Clusters - Microsoft Community Hub
• sigstore/cosign: Code signing and transparency for containers and binaries
• bitnami-labs/sealed-secrets: A Kubernetes controller and tool for one-way encrypted Secrets
• Kubernetes security fundamentals: API Security | Datadog Security Labs
• Kubernetes Exposed: One Yaml away from Disaster
• Encrypting Secret data at etcd store on a Minikube K8s Cluster | by Seralahthan | Medium
• [openclarity/kubeclarity: KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems](https://github.com/openclarity/kubeclarity
• Kubernetes Secret Management: A Comprehensive Guide with AWS Secrets Manager | by Sharon Sahadevan | Medium
• A Guide to Securing Kubernetes Namespaces | Rapid7 Blog
• What if your Pods need to trust self-signed certificates?
• WithSecureLabs/IceKube
• A Look at Software Composition Analysis
• quay/clair: Vulnerability Static Analysis for Containers
• aquasecurity/trivy: Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
• acrlabs/simkube: Virtual Kubelet provider for Kubernetes scheduling simulations
• Network Policies: Understanding Kubernetes Network Policies
• Tactics - Threat Matrix for Kubernetes
• K8S Threat Model
• jatrost/awesome-kubernetes-threat-detection: A curated list of resources about detecting threats and defending Kubernetes systems.
• cyberark/KubiScan: A tool to scan Kubernetes cluster for risky permissions
• RBAC
  • PaloAltoNetworks/rbac-police: Evaluate the RBAC permissions of Kubernetes identities through policies written in Rego
  • Azure Kubernetes Service: RBAC options in practice - Microsoft Community Hub
  • Kubernetes RBAC: Privilege Escalation Exploits and Mitigations | by Seifeddine Rajhi | Medium
  • https://github.com/alcideio/rbac-tool
• undistro/marvin: Marvin is a CLI tool that scans a k8s cluster by performing CEL expressions to report potential issues, misconfigurations and vulnerabilities.
• Kubernetes SecurityContext with practical examples | by Eugene Butan | Marionete | Medium
• Introducing Enhanced Security in Azure Kubernetes Service: Disabling SSH Access on Cluster Nodes
• Simulator[] - Kubernetes Security Training Platform - focusing on security mitigation
• Securing Kubernetes: A Comprehensive Guide to Runtime Security and System Hardening
• Workload Identity
  • Kubernetes Workload Identity with AKS – baeke.info
  • AKS Workload Identity Revisited – baeke.info
• Sail Sharp, 9 tips to optimize and secure your .NET containers for Kubernetes
• • Ramilito/kubediff: Source VS Deployed
• Let’s talk about anonymous access to Kubernetes

Certification

• CKA
  • Acing CKA Exam — Certified Kubernetes Administrator
  • My preparation and tips for the Certified Kubernetes Administrator exam - Daniel’s Tech Blog
• CKAD
  • Kubernetes - tips for your CKAD exam by CNCF - Sokube
  • Kubernetes Certified Application Developer (CKAD) Training | Udemy
  • Udemy - Kubernetes Certified Application Developer (CKAD) with Tests
• KCSA
  • Kubernetes and Cloud Native Security Associate (KCSA)

Useful commands

kubectl config get-contexts

kubectl config use-context docker-desktop

docker container ls

az acr login --name 'xxxxxxxxxxxxxxxxx'

Get all service accounts:

kubectl get sa --all-namespaces