CSI

Jan 1, 0001

Definition

CSI, or Container Storage Interface, is a standardized API specification that enables container orchestration systems like Kubernetes to expose arbitrary storage systems to containerized workloads. It allows storage vendors to develop a single driver that works across all container orchestration systems that support CSI, thus simplifying storage management and integration.

Secure Settings Example

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: secure-csi-storage
provisioner: csi.example.com
parameters:
  encrypted: "true"
  encryptionKey: "kms-key-id"
  fsType: "ext4"
allowVolumeExpansion: true
mountOptions:
  - noexec
  - nosuid

Insecure Settings Example

apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: insecure-csi-storage
provisioner: csi.example.com
parameters:
  encrypted: "false"
  fsType: "ext4"
allowVolumeExpansion: true
mountOptions:
  - exec
  - suid

CSI

Definition

Secure Settings Example

Insecure Settings Example

Ask AppSec: free security newsletter

Ask AppSec: free security newsletter