From the course: Securing Containers and Kubernetes Ecosystem
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Authenticating users - Kubernetes Tutorial
From the course: Securing Containers and Kubernetes Ecosystem
Authenticating users
- [Instructor] Kubernetes supports two types of subjects, regular human users and machine accounts, also known as service accounts. Service accounts are managed within Kubernetes while the user accounts are expected to be managed outside of Kubernetes. In fact, Kubernetes doesn't even have a native representation of a human user. In other words, you can create accounts for people in Kubernetes. So how does Kubernetes authenticate then? It supports several authentication options. Some of these options are encouraged since they meet good security practices while others not so. Here's the list of options as of the writing of this course. Static password or token file, X.509 client certificates, Open ID Connect tokens, using service accounts, and many others. Well, the name gives it away. In this method, the passwords are stored in a CSV file with at least three pieces of information, password, username, and user ID. A…
Contents
-
-
-
-
-
-
-
-
(Locked)
Securing applications in Kubernetes2m 47s
-
(Locked)
Pod Security Standard3m 34s
-
(Locked)
Access management53s
-
(Locked)
Authenticating users4m 54s
-
(Locked)
Authenticating service accounts2m 11s
-
(Locked)
Authorization3m 51s
-
(Locked)
Admission control3m 20s
-
(Locked)
Security context2m 59s
-
(Locked)
Security Policy57s
-
(Locked)
Kubernetes network security3m 16s
-
(Locked)
Secrets management5m 15s
-
(Locked)
-
-
-