1. Automated Pod Security for Sensitive AI Data

    Python

    When handling sensitive AI data within a Kubernetes cluster, it's imperative to implement security measures to protect against unauthorized access and potential vulnerabilities. Pulumi provides a way to programmatically enforce security controls through Infrastructure as Code (IaC).

    In this context, Pulumi uses Kubernetes' Pod Security Policies (PSPs) to define a set of conditions that pods must meet to be accepted by the cluster. Pod Security Policies allow administrators to control the security specifications that a pod must conform to, such as forbidding privileged containers, enforcing the use of user IDs, and restricting volume types.

    Below is a Pulumi program written in Python that creates a Pod Security Policy designed to secure pods that handle sensitive AI data. This policy is quite restrictive to align with the high security measures required for sensitive data:

    1. Forbids running as the root user.
    2. Does not allow privilege escalation.
    3. Ensures file systems are mounted read-only where possible.
    4. Limits the volumes that can be used to a set of known types.

    Here is a detailed Pulumi program to create such a policy:

    import pulumi
    import pulumi_kubernetes as kubernetes

    # Creating a restrictive Pod Security Policy
    pod_security_policy = kubernetes.policy.v1beta1.PodSecurityPolicy(
        "ai-data-security-policy",
        spec={
            # Disallow privileged containers
            "privileged": False,
            # Do not allow privilege escalation
            "allowPrivilegeEscalation": False,
            # Enforce running as non-root users
            "runAsUser": {
                "rule": "MustRunAsNonRoot"
            },
            # Allow the use of certain volume types known to be secure
            "volumes": ["configMap", "emptyDir", "projected", "secret",
                        "downwardAPI", "persistentVolumeClaim"],
            # Enforce read-only root file system where possible
            "readOnlyRootFilesystem": True,
            # Define the allowed Host Path (this only applies to hostPath
            # volumes, and "hostPath" is not in the "volumes" list above)
            "allowedHostPaths": [{
                "pathPrefix": "/data/ai",
                "readOnly": True
            }],
            # SELinux: RunAsAny places no restriction on the SELinux label
            "seLinux": {
                "rule": "RunAsAny"
            },
            # Supplemental groups: RunAsAny places no restriction
            "supplementalGroups": {
                "rule": "RunAsAny"
            },
            # FSGroup: RunAsAny places no restriction
            "fsGroup": {
                "rule": "RunAsAny"
            }
        },
        metadata={
            "name": "ai-data-security"
        }
    )

    # Export the name of the pod security policy
    pulumi.export("pod_security_policy_name", pod_security_policy.metadata["name"])

    This Pulumi program defines a Kubernetes Pod Security Policy manifest with several parameters tailored to protect sensitive data while pods are being scheduled and run within a cluster. It sets explicit permissions and behaviors.

    Let's walk through the PSP definition:

    • "privileged": False ensures that no privileged containers are allowed. Privileged containers can access all devices on the host with the same privileges as processes running on the host.

    • "allowPrivilegeEscalation": False ensures that processes cannot gain more privileges than their parent process.

    • "runAsUser": {"rule": "MustRunAsNonRoot"} ensures that the container has a user defined in the Docker image and that it is not the root user.

    • "volumes" lists specific volume types that are allowable, restricting access only to known good volume types.

    • "readOnlyRootFilesystem": True ensures that containers cannot write to the root filesystem.

    • "allowedHostPaths" specifies which host paths can be mounted into a pod, in this case /data/ai, and they are mounted as read-only.

    • "seLinux" uses the RunAsAny rule, so pods may run under any SELinux label. SELinux is a Linux kernel security module.

    The metadata section names the PSP ai-data-security, making it easy to reference in other Kubernetes resources, such as RoleBinding or ClusterRoleBinding, that assign the policy to a certain set of users or service accounts.

    Finally, the program exports the name of the Pod Security Policy so that it can be referenced using Pulumi's stack outputs in other parts of your infrastructure or CI/CD systems.
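The rules walked through above can also be checked before deployment. This added example (not part of the original program or of Pulumi's API) flags pod specs that explicitly conflict with the policy's values. The function name `violations` and the sample pod specs are constructed for illustration, and the check does not reproduce the admission controller's defaulting of unset fields.

```python
# Added example (not from the page); POLICY copies values from the spec above.
POLICY = {
    "privileged": False,
    "allowPrivilegeEscalation": False,
    "readOnlyRootFilesystem": True,
    "runAsUser": {"rule": "MustRunAsNonRoot"},
    "volumes": ["configMap", "emptyDir", "projected", "secret",
                "downwardAPI", "persistentVolumeClaim"],
}

def violations(pod_spec, policy=POLICY):
    """Return explicit conflicts between a pod spec (as a dict) and the policy."""
    found = []
    for vol in pod_spec.get("volumes", []):
        # A volume is {"name": ..., "<type>": {...}}; the non-name key is its type.
        vtype = next((k for k in vol if k != "name"), None)
        if vtype not in policy["volumes"]:
            found.append(f"volume {vol.get('name')}: type {vtype} is not allowed")
    pod_sc = pod_spec.get("securityContext") or {}
    for c in pod_spec.get("initContainers", []) + pod_spec.get("containers", []):
        name, sc = c.get("name"), c.get("securityContext") or {}
        for key, bad in (("privileged", True), ("allowPrivilegeEscalation", True),
                         ("readOnlyRootFilesystem", False)):
            if sc.get(key) is bad and policy[key] is not bad:
                found.append(f"{name}: {key}={bad} conflicts with the policy")
        # runAsUser / runAsNonRoot: the container value overrides the pod value.
        uid = sc.get("runAsUser", pod_sc.get("runAsUser"))
        non_root = sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot"))
        if policy["runAsUser"]["rule"] == "MustRunAsNonRoot" and (uid == 0 or non_root is False):
            found.append(f"{name}: runs as root")
    return found

# Constructed sample pod specs for illustration.
COMPLIANT = {
    "securityContext": {"runAsNonRoot": True, "runAsUser": 10001},
    "containers": [{"name": "trainer", "securityContext": {
        "allowPrivilegeEscalation": False, "readOnlyRootFilesystem": True}}],
    "volumes": [{"name": "scratch", "emptyDir": {}}],
}
NON_COMPLIANT = {
    "containers": [{"name": "loader", "securityContext": {"privileged": True, "runAsUser": 0}}],
    # "hostPath" is not in the policy's "volumes" list, so this mount conflicts
    # even though /data/ai is the prefix named in allowedHostPaths.
    "volumes": [{"name": "data", "hostPath": {"path": "/data/ai"}}],
}

if __name__ == "__main__":
    for label, spec in (("compliant", COMPLIANT), ("non-compliant", NON_COMPLIANT)):
        print(label, violations(spec) or "no conflicts")
```

PodSecurityPolicy (`policy/v1beta1`) was removed in Kubernetes v1.25, so on newer clusters a manifest check like this has to be paired with a different admission mechanism, such as Pod Security Admission.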

    For more information on Kubernetes Pod Security Policies, you can refer to the official Kubernetes documentation. For more details on how to work with Pulumi and Kubernetes, Pulumi's Kubernetes API documentation is a comprehensive resource.