ATC+
Advanced Configuration Lab  · On-demand

Kubernetes RBAC and Workload Security

Solution overview

In this lab you will secure access to a Kubernetes cluster by controlling both who can interact with it and what workloads are allowed to do once running. You will create cluster users from certificates and kubeconfigs, scope their access with Roles and ClusterRoles, give workloads their own identity with Service Accounts, and harden containers using Security Contexts. You will then enforce those standards automatically at the namespace level with Pod Security Admission.

Lab diagram

Loading