Tasks for protecting your etcd datastore.

Overview

Protect your etcd datastore by restricting operation permissions.

Generating certificates

Generate Certificates of Authority (CA) to authenticate users with etcd datastore.

Creating users and roles

Provide role-based access control to etcd datastore.

Segmenting etcd on Kubernetes (basic)

Limit user access to Kubernetes and Calico components.

Segmenting etcd on Kubernetes (advanced)

Limit user access to Calico components or calicoctl.

Calico key and path prefixes

Prefixes to configure Calico components to access the etcd datastore.