Configuration Management Flashcards
Config management dashboard widgets
1) Toolbar
2) Most used secrets
3) User with most admin roles
4) Policy violations
5) CIS Docker
Toolbar of the cm dashboaord
1) Policies
2) Infra: nodes, clusters, deployments, image, secrets, ns
3) RBAC: user & groups, roles service accounts
4) Controls
What is CIS
Center for Information Security
How do you find out the number of controls, sa or secrets in a cluster?
Go to Confguration Management
In toolbar, select Infrastructure
Then select clusters
How do you find out the number of controls, sa or secrets in a namespace?
Go to Confguration Management
In toolbar, select Infrastructure
Then select namespaces
Examples of Config Management policies
1) Using emergency annotation to avoid admission controller
2) Using secrets in env variables
3) Exposing ssh port
4) Privileged containers
5) No resource requests and limits
How do you configure ACS?
Platform Configuration > System Configuration > Edit
What are ACS configuration options?
Data Retention Configuration
Header Configuration
Footer Configuration
Login Configuration
Cluster deletion configuration
How do you determine ACS System Health?
Platform Configuration > System Health
What are the key groups in the health dashboard?
1) Cluster health
2) Vulnerabilities definition
3) Notifier integration
4) Image Integration
5) Backup Integration
What are elements of cluster health?
1) Cluster overview
2) Admission controller status
3) Sensor status
4) Collector status
5) Sensor Upgrade
6) Credentials expiration
What are the types of roles you have in ACS?
1) System roles: created by Red Hat and cannot be changed.
2) Custom roles: Created by admins.
What are permission sets?
set of permissions that define what actions a role can perform on a given resource.
Different types of permission sets
1) System permission sets: created by Red Hat and cannot be changed.
2) Custom permission sets: created by admins.
Define access scopes
set of Kubernetes and OpenShift resources that users can access.
