API Security Big Picture

Learn about Kubernetes API request flow and policy checks for secure access.

We'll cover the following

API security

Kubernetes is API-centric and the API is served through the API server. In this chapter, we’ll follow a typical API request as it passes through various security-related checks.

API security

All of the following make CRUD-style requests to the API server (create, read, update, delete):

Operators and developers using kubectl
Pods
Kubelets
Control plane services
Kubernetes-native apps

The following figure shows the flow of a typical API request passing through the standard checks. The flow is the same, no matter where the request originates.

Get hands-on with 1400+ tech skills courses.

Kubernetes Primer

Kubernetes Principles of Operation

Getting Kubernetes

Working With Pods: Theory

Working with Pods: Hands-On

Virtual Clusters with Namespaces

Kubernetes Deployments

Kubernetes Services: Theory

Kubernetes Services: Hands-On

Ingress

WebAssembly on Kubernetes

Service Discovery Deep Dive

Kubernetes Storage

ConfigMaps

StatefulSets

API Security and RBAC

Kubernetes API

Threat Modeling Kubernetes

Real-World Kubernetes Security

Conclusion

API Security Big Picture

API security