Learning Path: Kubernetes Security

Kubernetes Authentication & Authorization

Kubernetes Authentication and Authorization are essential, keystone controls for your Cluster. However, these are also the most frequently attacked and compromised components of a Kubernetes Clusters as well. Attackers leverage weak permissions and privileges quite extensively, to compromise the entire cluster. 

In this course, we’ll be looking at a comprehensive perspective of Authentication and Authorization in Kubernetes. The platform offers a plethora of options and configuration parameters for authenticating users and restricting their access. You’ll learn how you can enable Certificate Authentication, setup Service Accounts and additionally, you’ll learn how you can restrict permissions of users and service accounts with Role and RoleBindings scoped to namespaces or the cluster itself. 

Our hands-on labs will show you how to use automated tools in a Cluster to identify misconfigurations in Kubernetes Authentication and Access Control privileges. Finally, you’ll also be introduced to scalable Authentication and Authorization when you can integrate your Kubernetes Cluster with an Identity Provider with OAuth and OIDC for Federated and highly scalable authentication and access control for your Cluster.

Beginner Proficiency
Cloud Security Expert
4 hours
14 lessons
1 Cloud Lab

Course Outline

  • Course Introduction
  • Course Pre-requisites
  • Certificates in Kubernetes
  • Kubernetes AuthN and AuthZ Overview
  • Authentication Modes and Authorization Models
  • Users, ServiceAccounts, RoleBindings and Cluster RoleBindings
  • Authorization Modes
  • Lab: Role Based Access Control Lab