From 376caaeac174fa82f87e033a3896c74c057753a1 Mon Sep 17 00:00:00 2001 From: Naresh Koduru Date: Tue, 3 Sep 2024 11:16:07 +0530 Subject: [PATCH] :book: infrastructure provider security guidelines --- docs/book/src/SUMMARY.md | 1 + .../developer/providers/cluster-infrastructure.md | 4 ++++ .../developer/providers/machine-infrastructure.md | 4 ++++ .../infrastructure-provider-security-guidance.md | 12 ++++++++++++ 4 files changed, 21 insertions(+) create mode 100644 docs/book/src/security/infrastructure-provider-security-guidance.md diff --git a/docs/book/src/SUMMARY.md b/docs/book/src/SUMMARY.md index 24c09d956358..e06dacc4a98d 100644 --- a/docs/book/src/SUMMARY.md +++ b/docs/book/src/SUMMARY.md @@ -46,6 +46,7 @@ - [Diagnostics](./tasks/diagnostics.md) - [Security Guidelines](./security/index.md) - [Pod Security Standards](./security/pod-security-standards.md) + - [Infrastructure Provider Security Guidance](./security/infrastructure-provider-security-guidance.md) - [clusterctl CLI](./clusterctl/overview.md) - [clusterctl Commands](clusterctl/commands/commands.md) - [init](clusterctl/commands/init.md) diff --git a/docs/book/src/developer/providers/cluster-infrastructure.md b/docs/book/src/developer/providers/cluster-infrastructure.md index 249b2abc247a..c8059f4eeb35 100644 --- a/docs/book/src/developer/providers/cluster-infrastructure.md +++ b/docs/book/src/developer/providers/cluster-infrastructure.md @@ -187,3 +187,7 @@ Note, the write permissions allow the `Cluster` controller to set owner referenc "infrastructure cluster" resources; they are not used for general mutations of these resources. [aggregation label]: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles + +## Security Guidelines + +Please refer to [Infrastructure Provider Security Guidance](../../security/infrastructure-provider-security-guidance.md). 
diff --git a/docs/book/src/developer/providers/machine-infrastructure.md b/docs/book/src/developer/providers/machine-infrastructure.md index 75177468c8eb..526d4673e126 100644 --- a/docs/book/src/developer/providers/machine-infrastructure.md +++ b/docs/book/src/developer/providers/machine-infrastructure.md @@ -209,3 +209,7 @@ Note, the write permissions allow the `Machine` controller to set owner referenc "infrastructure machine" resources; they are not used for general mutations of these resources. [aggregation label]: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles + +## Security Guidelines + +Please refer to [Infrastructure Provider Security Guidance](../../security/infrastructure-provider-security-guidance.md). diff --git a/docs/book/src/security/infrastructure-provider-security-guidance.md b/docs/book/src/security/infrastructure-provider-security-guidance.md new file mode 100644 index 000000000000..a0e849421ee1 --- /dev/null +++ b/docs/book/src/security/infrastructure-provider-security-guidance.md @@ -0,0 +1,12 @@ +# Infrastructure Provider Security Guidance + +- Ensure credentials used by Cluster API are least privileged and setting access control +on Cluster API controller namespaces to prevent unauthorized access by anyone other +than cloud admin. +- Implement 2FA for all maintainer accounts on Github. Apply the second pair of eyes +principle when performing privileged actions such as image building or updates to the +contents of the machine images. +- Use short-lived credentials that are auto-renewed using node level attestation. +- Implement rate limits for creation, deletion and update of cloud resources. +- Any cloud resource not linked to a cluster after a fixed configurable period of time +created by these cloud credentials, should be auto-deleted or marked for garbage collection.
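Review bot: in the `cluster-infrastructure.md` hunk the new heading `## Security Guidelines` does not match the title of the page it points to (`Infrastructure Provider Security Guidance`); use one term for the heading, the link text and the SUMMARY entry so readers searching the book find the same name everywhere. The new section is also appended after the `[aggregation label]:` reference definition, which previously closed the file; moving that definition below the new section keeps link definitions at the end of the page. Consider letting the one-line pointer say what the guidance covers (credential scoping and namespace access control, rate limiting, garbage collection of orphaned cloud resources) so a provider author can tell at a glance that it applies to them.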
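Review bot: in the `machine-infrastructure.md` hunk the heading `## Security Guidelines` and the link text `Infrastructure Provider Security Guidance` name the same page differently; align them with the SUMMARY entry. As with the cluster page, the `[aggregation label]:` reference definition now sits between the RBAC note and the new section instead of at the end of the file; place the new section before the definition. A short sentence stating which of the listed items concern the machine controller (for example rate limiting of resource creation and deletion, and garbage collection of resources no longer linked to a cluster) would make the pointer more useful than a bare `Please refer to`.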
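Review bot: in the new `infrastructure-provider-security-guidance.md` the first bullet mixes verb forms (`Ensure ... and setting access control`) and the last bullet's clause order leaves it unclear what `created by these cloud credentials` modifies; suggest `Ensure credentials used by Cluster API are least privileged and set access control on Cluster API controller namespaces ...` and `Any cloud resource created by these credentials that is not linked to a cluster after a fixed, configurable period of time should be auto-deleted or marked for garbage collection.` `Github` should be spelled `GitHub`. The 2FA bullet combines two separate controls (maintainer account protection and a second-reviewer rule for image builds and machine image updates); splitting them makes each easier to check off. The bullet on short-lived credentials auto-renewed using node level attestation is the only item without an evident concrete action; a sentence or link describing what a provider is expected to implement would help. Finally, the page opens directly with the list; a one-line introduction stating that these are recommendations for infrastructure provider implementers would let it stand on its own in the book.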