Cyber Security Academy · Lesson

Kubernetes Threat Model

Where clusters get attacked.

Why Kubernetes Is a Target

Kubernetes orchestrates containers across many nodes. It centralizes secrets, networking, and compute, so compromising the cluster can mean compromising every workload it runs.

  • One API server controls the entire cluster.
  • Nodes run many tenants' workloads side by side.
  • Misconfiguration is far more common than core CVEs.

Cluster Architecture Recap

To threat-model a cluster, you first need to know its components.

  • Control plane: API server, etcd, scheduler, controller-manager.
  • Nodes: kubelet, container runtime, kube-proxy, pods.
  • etcd stores all cluster state and secrets.

The API server is the single entry point; etcd is the data crown jewel.
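
The sketch below is an added example, not part of the original lesson. It audits the flags of a kube-apiserver static pod manifest for settings that widen the single entry point or leave etcd's secrets exposed. The two manifests and their file paths are constructed samples, the function names are hypothetical, and the flag names and defaults are those of upstream kube-apiserver.

```python
import re

# Constructed samples: the "command" list of a kube-apiserver static pod manifest.
WEAK = """\
    - kube-apiserver
    - --anonymous-auth=true
    - --authorization-mode=AlwaysAllow
    - --etcd-servers=http://127.0.0.1:2379
"""
HARDENED = """\
    - kube-apiserver
    - --anonymous-auth=false
    - --authorization-mode=Node,RBAC
    - --encryption-provider-config=/etc/kubernetes/enc/enc.yaml
    - --etcd-servers=https://127.0.0.1:2379
    - --etcd-cafile=/etc/kubernetes/pki/etcd/ca.crt
    - --etcd-certfile=/etc/kubernetes/pki/apiserver-etcd-client.crt
    - --etcd-keyfile=/etc/kubernetes/pki/apiserver-etcd-client.key
"""

FLAG_RE = re.compile(r"^\s*-\s+--([a-z0-9-]+)(?:=(.*))?$", re.M)

def parse_flags(manifest_text):
    """Map each '- --name=value' entry to its value; bare flags become 'true'."""
    return {m.group(1): (m.group(2) or "true").strip()
            for m in FLAG_RE.finditer(manifest_text)}

def audit_apiserver(manifest_text):
    """Return {flag: finding} for settings that widen the entry point or expose etcd."""
    flags = parse_flags(manifest_text)
    findings = {}
    # Upstream default for --anonymous-auth is true, so an absent flag counts as enabled.
    if flags.get("anonymous-auth", "true").lower() != "false":
        findings["anonymous-auth"] = "API server accepts unauthenticated requests"
    # Upstream default for --authorization-mode is AlwaysAllow.
    modes = flags.get("authorization-mode", "AlwaysAllow").split(",")
    if "AlwaysAllow" in modes or "RBAC" not in modes:
        findings["authorization-mode"] = "AlwaysAllow is set or RBAC is absent"
    # Without an encryption provider config, Secrets sit in etcd unencrypted.
    if "encryption-provider-config" not in flags:
        findings["encryption-provider-config"] = "Secrets are stored unencrypted in etcd"
    servers = flags.get("etcd-servers", "").split(",")
    tls = all(f in flags for f in ("etcd-cafile", "etcd-certfile", "etcd-keyfile"))
    if any(s.startswith("http://") for s in servers) or not tls:
        findings["etcd-servers"] = "API server to etcd link lacks mutual TLS"
    return findings

if __name__ == "__main__":
    for name, text in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_apiserver(text) or "no findings")
```

On a kubeadm-built control plane the manifest to feed in is typically `/etc/kubernetes/manifests/kube-apiserver.yaml`; other distributions place the flags elsewhere.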
