Learning Path: Kubernetes Security
Kubernetes Admission Control
Admission Control is a powerful and unique access control paradigm in the Kubernetes ecosystem. Well-configured Admission Control plugins can prevent a variety of attack attempts and compromises against your cluster. In this class, you’re diving deep into Kubernetes Admission Control Plugins.
You’ll be looking at powerful Validating and Mutating Admission Control Plugins including PodSecurityPolicy, LimitRanger and ResourceQuotas among others with some very interesting hands-on labs and demos.
Finally, you’ll be introduced to a Policy-Management Framework for Kubernetes called Open Policy Agent (OPA), where you’ll explore how you can compose your own Policies for resources loaded in the Kubernetes cluster with OPA’s Domain Specific Language for Policy Development and Evaluation.
Advanced Proficiency
Cloud Security Expert
4 hours
24 lessons
3 Cloud Labs
Course Outline
Introduction
- Course Introduction
- Course Pre-requisites
Understanding Admission Control
- Admission Control – Introduction
- Admission Control – Basics – Part 1
- Admission Control – Basics – Part 2
- Container Runtime Security – Part 1
- Container Runtime Security – Part 2
Pod Security Policy – Deep-Dive
- Introduction to Pod Security Policy
- Pod Security Policy – Preamble
Policy Management and OPA in Kubernetes
- Kubernetes Policy Management
- Introduction to Open-Policy Agent
- OPA GateKeeper