Skip to main content


This section describes the methodology and means of securing a K3s cluster. It's broken into 2 sections. These guides assume k3s is running with embedded etcd.

First the hardening guide provides a list of security best practices to secure a K3s cluster.

Second, is the self assessment to validate a hardened cluster. We currently have two different assessments available: