Overview

Overview¶

TLS support on all external interfaces
Kubernetes service accounts and RBAC policies for authentication and authorization of Kubernetes API / CLI / GUI
Encryption of Kubernetes Secret Data at Rest
Keystone authentication and authorization of StarlingX API / CLI / GUI
Barbican is used to securely store secrets such as BMC user passwords
Networking policies / Firewalls on external APIs
UEFI secureboot
Signed software updates

this page last updated: 2025-10-24 16:41:57

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.