Skip to main content
Version: next

Security / Security Model

Security model and trust assumptions

Threat model, security profiles, and trust material such as root tokens, unseal keys, and bootstrap identities.

Read the threat modelReview production posture

Security model routes

  1. 01

    Threat model

    Trust boundaries, attacker assumptions, and design mitigations.

    Open
  2. 02

    Production posture

    How Development and Hardened differ, and the supported production contract.

    Open
  3. 03

    Secrets and trust material

    Review how root tokens, unseal keys, and bootstrap credentials are created, stored, or intentionally avoided.

    Open

Next actions

Open platform controlsKubernetes controls that enforce the trust model.Configure security profilesTask page for setting spec.profile on a cluster.
Next release documentation

You are reading the unreleased main docs. Use the version menu for the newest published release, or check the release notes for what is already out.

Was this page helpful?

Use Needs work to open a structured GitHub issue for this page. The Yes button only acknowledges the signal locally.

Needs work