age
Definition
In the context of security, “age” often refers to the duration for which a particular security credential, such as a password, certificate, or token, has been in use. Managing the age of these credentials is crucial to maintaining security hygiene, as older credentials may be more susceptible to compromise. Regularly rotating or expiring credentials helps mitigate risks associated with unauthorized access.
Secure Settings Example
# Kubernetes PodSecurityContext example for managing token age
apiVersion: v1
kind: Pod
metadata:
  name: secure-pod
spec:
  securityContext:
    runAsUser: 1000
    fsGroup: 2000
  containers:
    - name: secure-container
      image: secure-image
      securityContext:
        allowPrivilegeEscalation: false
      lifecycle:
        postStart:
          exec:
            command: ["/bin/sh", "-c", "rotate-token.sh"]
Insecure Settings Example
# Example of a static token with no expiration
apiVersion: v1
kind: Pod
metadata:
  name: insecure-pod
spec:
  containers:
    - name: insecure-container
      image: insecure-image
      env:
        - name: STATIC_TOKEN
          value: "hardcoded-token-without-expiration"
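A bounded-age counterpart to the static token above, added here as an illustration and not part of the original page: a projected service account token whose lifetime is set with expirationSeconds, which the kubelet refreshes in the mounted file before it expires. The pod, service account, image, audience, volume and path names are placeholders chosen for the example.

```yaml
# Added example: short-lived, audience-bound service account token.
# All names below (pod, service account, image, audience, paths) are placeholders.
apiVersion: v1
kind: Pod
metadata:
  name: bounded-token-pod
spec:
  serviceAccountName: app-sa
  # Do not mount the default service account token alongside the projected one.
  automountServiceAccountToken: false
  containers:
    - name: app
      image: example-image
      securityContext:
        allowPrivilegeEscalation: false
      volumeMounts:
        - name: api-token
          mountPath: /var/run/secrets/tokens
          readOnly: true
  volumes:
    - name: api-token
      projected:
        sources:
          - serviceAccountToken:
              path: api-token
              # Token is only accepted by verifiers expecting this audience.
              audience: example-api
              # Maximum token age in seconds; Kubernetes requires at least 600.
              expirationSeconds: 3600
```

The application has to re-read the token file periodically, because the kubelet replaces its contents as the token approaches expiry.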