CNCF [Cloud Native Computing Foundation]

Admission Controllers - One Part of Your Kubernetes Security and Governance Toolkit

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Explore the critical role of admission controllers in Kubernetes security and governance through this comprehensive webinar. Gain insights into the Kubernetes Admission Controller architecture, focusing on the Validating Admission Controller function and its integration with Open Policy Agent and Rego language. Examine real-world scenarios involving misconfiguration and potential security threats, and learn how to implement effective admission control policies. Acquire knowledge on object creation in Kubernetes, master the basics of the Rego language for writing admission controller policies, and obtain sample policies for enhancing security and IT governance. Delve into common Kubernetes attack vectors, mitigation strategies, and security best practices, including enforcing trusted registries, preventing privileged pods, and securing container filesystems. Led by cloud experts from Palo Alto Networks, this 56-minute session equips you with practical skills to strengthen your Kubernetes environment's security posture.

Syllabus

Intro
Kubernetes common attack vectors
Kubernetes Mitigations and Controls
Rego Language: The Basics
Security Integration Points
Kubernetes Security Best Practices
Enforce a Trusted Registry
Don't allow 'dev', 'latest', or 'master' image tags in prod
Prevent Privileged Pods
Prevent sensitive host system mounts
Make the container filesystem read only
Prevent NodePort Services
Resources Example Policies

Taught by

CNCF [Cloud Native Computing Foundation]
