tiller-releases-converter

Helm and its security options

If you are a Helm user, you perhaps stumbled upon an excellent “Securing Helm installation” write-up in the official repository. If you were not aware of this document, take time to read it, that’s a good starting point.

To summarize, there are four main points to consider when securing your installation:

  1. Role-based access control, or RBAC.
  2. Tiller’s gRPC endpoint and its usage by Helm.
  3. Tiller Release Information.
  4. Helm charts.

Tiller Release Information is something that I want to talk about further.

What is the problem with Tiller releases?

Historically, for each “release,” which is basically any configuration or version update of an application, Tiller creates a ConfigMap containing all operational data.

Author

Explore more OSS projects

Contact us

We’d love to hear from you! We’re not really all that evil, and we love discussing potential projects, intriguing ideas, and new opportunities. Complete the form below or drop us a line at surrender@evilmartians.com.

Martians at a glance
16
years in business

A product development consultancy that works with startups and established businesses, while also creating open source-based products and services