LEARNING PATH: Kubernetes Security

Kubernetes Admission Control

Kubernetes Admission Control is a powerful Access Control Paradigm in the K8s ecosystem, capable of intercepting requests to the Kubernetes API server. Well-configured Admission Controller plugins can prevent a variety of attack attempts and compromises against your cluster. 

In this course, you’re diving deep into Kubernetes Admission Controller Plugins. You’ll be looking at powerful Validating and Mutating Admission Control Plugins LimitRanger and ResourceQuotas, among others. The first part of the course deals with Kubernetes Admission Control itself, with lessons on container runtime security. We then move into PodSecurityPolicy and Kubernetes Policy Management. 

Finally, you’ll be introduced to a Policy-Management Framework for Kubernetes called Open Policy Agent (OPA), where you’ll explore how you can compose your own Policies for resources loaded in the Kubernetes cluster with OPA’s Domain Specific Language for Policy Development and Evaluation, rego. 

All of these lessons are taught using hands-on labs and demos for a practical understanding of how these technologies work. At the end of this course, you’ll be able to directly implement everything you’ve learned in a real-world Kubernetes environment.

Kubernetes admission control
Proficiency Advanced
Audience Cloud Security Expert
Course Duration​ 4
Lessons​ 24
Cloud Labs​ 3



Cloud Security Expert

Course duration




Cloud Labs


    • Course Introduction
    • Course Pre-requisites
    • Admission Control – Introduction
    • Admission Control – Basics – Part 1
    • Admission Control – Basics – Part 2
    • Container Runtime Security – Part
    • Container Runtime Security – Part 2
    • Process Namespace Boundary
    • Process Namespace Boundary – Part 1
    • Process Namespace Boundary – Part 2
    • Introduction to Pod Security Policy
    • Pod Security Policy – Preamble
    • Pod Security Policy
    • Pod Security Policy
    • Kubernetes Policy Management
    • Introduction to Open-Policy Agent
    • OPA GateKeeper
    • OPA Gatekeeper
    • OPA Gatekeeper – Part 1
    • OPA Gatekeeper – Part 2
  • Understanding the Boundaries between Process Namespaces
  • Understanding Pod Security Policy
  • Implementing OPA Gatekeeper
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking "Accept" you consent to the use of All the cookies