From the course: Securing Containers and Kubernetes Ecosystem
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Security context - Kubernetes Tutorial
From the course: Securing Containers and Kubernetes Ecosystem
Security context
- [Teacher] Correctly implemented access control strategy can issue you that only the desired subjects will be able to perform the permitted actions. But your applications and pods work in conjunction with the OS and kernel, and you still need another layer of controls to ensure that these pods don't do anything dumb. If you recall, from the earlier chapters about securing standalone containers, we emphasized a few best practices such as not to run a container as root, securing network access, and so on. The fact that you now have Kubernetes orchestrating these pods, you still need a mechanism to implement the very same security controls. Kubernetes offers these mechanisms via security context and security policies. Think of security context as the mechanism provided to developers. Developers when writing pod specifications can attach the security context for a pod in the spec itself. On the other hand, think…
Contents
-
-
-
-
-
-
-
-
(Locked)
Securing applications in Kubernetes2m 47s
-
(Locked)
Pod Security Standard3m 34s
-
(Locked)
Access management53s
-
(Locked)
Authenticating users4m 54s
-
(Locked)
Authenticating service accounts2m 11s
-
(Locked)
Authorization3m 51s
-
(Locked)
Admission control3m 20s
-
(Locked)
Security context2m 59s
-
(Locked)
Security Policy57s
-
(Locked)
Kubernetes network security3m 16s
-
(Locked)
Secrets management5m 15s
-
(Locked)
-
-
-