ATC+
Advanced Configuration Lab · On-demand
Kubernetes RBAC and Workload Security
Details
Goals & objectives
Hardware & software
Solution overview
In this lab you will secure access to a Kubernetes cluster by controlling both who can interact with it and what workloads are allowed to do once running. You will create cluster users from certificates and kubeconfigs, scope their access with Roles and ClusterRoles, give workloads their own identity with Service Accounts, and harden containers using Security Contexts. You will then enforce those standards automatically at the namespace level with Pod Security Admission.