Kubernetes Security

Kubernetes is designed to be extensible, not secure by default. This module covers the critical layers of security you must implement to protect your cluster from external attacks and internal privilege escalation.

01. Role Based Access Control (RBAC)

The foundation of authorization. Learn how to create Roles, ClusterRoles, and Bindings to enforce Least Privilege.

02. Service Accounts & Identity

Manage identities for your Pods. Understand Token Projection and how to use Workload Identity (OIDC) for cloud access.

03. Pod Security Admission (PSA)

The replacement for PSP. Learn how to enforce the 3 security standards (Privileged, Baseline, Restricted) on your namespaces.

04. mTLS & Zero Trust

Secure traffic between Pods using Mutual TLS. Understand the role of Service Meshes in automating certificate management.

05. Security Contexts

Harden your containers at the kernel level. Configure capabilities, UID/GID, and read-only filesystems.

99. Module Review

Flashcards, cheat sheets, and a final quiz to cement your knowledge of Kubernetes security.

Module Chapters