YAML

Definition

YAML (YAML Ain’t Markup Language) is a human-readable data serialization standard commonly used for configuration files and for data exchange between languages with different data structures. It is designed to be easy for humans to read and write, which makes it a popular choice for configuration in many applications and systems, including DevOps tools such as Kubernetes, Ansible, and Docker Compose.

Secure Settings Example

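apiVersion: v1
kind: Pod
metadata:
  name: secure-pod
spec:
  containers:
    - name: secure-container
      # Note: "latest" is a mutable tag; pinning a version or digest keeps the deployed image reproducible.
      image: myapp:latest
      securityContext:
        # The kubelet refuses to start the container if it would run as UID 0.
        runAsNonRoot: true
        # The container's root filesystem is mounted read-only.
        readOnlyRootFilesystem: true
        capabilities:
          # Remove every Linux capability from the container.
          drop:
            - ALL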

Insecure Settings Example

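apiVersion: v1
kind: Pod
metadata:
  name: insecure-pod
spec:
  containers:
    - name: insecure-container
      image: myapp:latest
      securityContext:
        # A non-root user is not required, so the container may run as UID 0.
        runAsNonRoot: false
        # The container's root filesystem is writable.
        readOnlyRootFilesystem: false
        capabilities:
          # Grants network administration: interfaces, routing, firewall rules.
          add:
            - NET_ADMIN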
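
A check for the three settings contrasted in the two manifests above, as an added example that is not part of the original page: the hypothetical helper audit_pod parses a single Pod manifest with Ruby's standard YAML library and reports each weak setting. The constructed bare-pod sample shows that omitting securityContext leaves all three hardening settings unset.

```ruby
require 'yaml'

# Constructed sample: a pod that sets no securityContext at all.
BARE_POD = <<~MANIFEST
  apiVersion: v1
  kind: Pod
  metadata:
    name: bare-pod
  spec:
    containers:
      - name: bare-container
        image: myapp:latest
MANIFEST

# Hypothetical helper: returns findings for the three settings shown on this page.
def audit_pod(manifest_text)
  # safe_load builds only plain scalars, arrays and hashes from the document.
  pod = YAML.safe_load(manifest_text) || {}
  spec = pod['spec'] || {}
  pod_ctx = spec['securityContext'] || {}
  findings = []
  (spec['containers'] || []).each do |c|
    ctx = c['securityContext'] || {}
    caps = ctx['capabilities'] || {}
    # runAsNonRoot may be set at pod level; the container value wins when present.
    non_root = ctx.key?('runAsNonRoot') ? ctx['runAsNonRoot'] : pod_ctx['runAsNonRoot']
    findings << "#{c['name']}: runAsNonRoot is not true" unless non_root == true
    # An omitted readOnlyRootFilesystem behaves like false.
    unless ctx['readOnlyRootFilesystem'] == true
      findings << "#{c['name']}: readOnlyRootFilesystem is not true"
    end
    dropped = (caps['drop'] || []).map { |x| x.to_s.upcase }
    findings << "#{c['name']}: capabilities.drop lacks ALL" unless dropped.include?('ALL')
    (caps['add'] || []).each do |cap|
      findings << "#{c['name']}: adds capability #{cap}"
    end
  end
  findings
end

puts audit_pod(BARE_POD)
```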