Kubernetes Security
Kubernetes is designed to be extensible, not secure by default. This module covers the critical layers of security you must implement to protect your cluster from external attacks and internal privilege escalation.
01. Role Based Access Control (RBAC)
The foundation of authorization. Learn how to create Roles, ClusterRoles, and Bindings to enforce Least Privilege.
02. Service Accounts & Identity
Manage identities for your Pods. Understand Token Projection and how to use Workload Identity (OIDC) for cloud access.
03. Pod Security Admission (PSA)
The replacement for PodSecurityPolicy (PSP). Learn how to enforce the three Pod Security Standards (Privileged, Baseline, Restricted) on your namespaces.
04. mTLS & Zero Trust
Secure traffic between Pods using Mutual TLS. Understand the role of Service Meshes in automating certificate management.
05. Security Contexts
Harden your containers at the kernel level. Configure capabilities, UID/GID, and read-only filesystems.
99. Module Review
Flashcards, cheat sheets, and a final quiz to cement your knowledge of Kubernetes security.