Explore Role-Based Access Control (RBAC) in Kubernetes through this informative conference talk from GOTO Amsterdam 2019. Gain a clear understanding of RBAC by comparing it to Linux file permissions and examining the additional abstractions in Kubernetes. Learn about critical security features that control user actions within a cluster, including roles, role bindings, and permissions. Discover how to implement the principle of least privilege, whitelist permissions, and reduce entropy in your Kubernetes environment. Through practical examples and comparisons, master the concepts of RBAC and enhance your ability to manage access controls effectively in your Kubernetes clusters.
Overview
Syllabus
Introduction
File Permissions
File Attributes
Correspondence
Everything is a Resource
My App Example
Kubernetes Resources
RBAC
Permissions
Verbs
Roles
Role Bindings
Entropy
Least Privilege
Whitelist Permissions
More Permissions
Can a user do a particular action
Can a user do a verb
Create a pod
Reduce entropy
How to reduce entropy
Comparisons
Taught by
GOTO Conferences
Related Courses
-
The Least Privilege of Kubernetes
-
Achieving Least Privilege Access in Kubernetes
-
RBAC to the Future: Untangling Authorization in Kubernetes
-
RBAC to the Future - Untangling Authorization in Kubernetes
-
Managing RBAC Across Multiple Kubernetes Clusters
-
What Do You Mean K8s Doesn't Have Users? How Do I Manage User Access Then?
