Authorization (RBAC)

Understand the fundamentals of Kubernetes authorization using Role-Based Access Control (RBAC). Explore how roles and role bindings define user permissions, allowing fine-grained control over actions on resources. This lesson helps you grasp the least privilege model Kubernetes enforces and how to configure RBAC rules for secure cluster management.

Authorization happens immediately after successful authentication, and we’ll sometimes see it shortened to authZ (pronounced “auth zee”).

Kubernetes authorization is pluggable, and we can run multiple authZ modules on a single cluster. However, most clusters use RBAC. Also, if our cluster has multiple authorization modules, the request moves on to admission control as soon as any one module authorizes it.
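The short-circuit behaviour described above, modelled as a toy authorizer chain (an added example, not Kubernetes source code). It goes slightly beyond the text by also showing the "no opinion" and "deny" outcomes a module can return; the module functions, users and grants are constructed for illustration.

```python
# Added illustration: a toy model of chained authorization modules.
# Module names, users and grants are constructed, not taken from Kubernetes.
from enum import Enum

class Decision(Enum):
    ALLOW = "allow"
    DENY = "deny"
    NO_OPINION = "no opinion"

# Constructed RBAC-style grants: (user, action, resource).
# RBAC is additive: it can only allow, never deny, so a request with no
# matching grant gets NO_OPINION and falls through to the next module.
RBAC_GRANTS = {
    ("alice", "get", "pods"),
    ("alice", "list", "pods"),
    ("carol", "delete", "namespaces"),
}

def rbac_module(user, verb, resource):
    if (user, verb, resource) in RBAC_GRANTS:
        return Decision.ALLOW
    return Decision.NO_OPINION

def policy_module(user, verb, resource):
    # Hypothetical second module that explicitly denies namespace deletion.
    if verb == "delete" and resource == "namespaces":
        return Decision.DENY
    return Decision.NO_OPINION

def authorize(modules, user, verb, resource):
    """Return (final decision, names of the modules actually consulted)."""
    consulted = []
    for module in modules:
        consulted.append(module.__name__)
        decision = module(user, verb, resource)
        if decision is not Decision.NO_OPINION:
            return decision, consulted  # first allow or deny ends the chain
    return Decision.DENY, consulted     # no module allowed it: deny by default

if __name__ == "__main__":
    chain = [rbac_module, policy_module]
    for req in [("alice", "get", "pods"), ("alice", "delete", "pods"),
                ("bob", "delete", "namespaces"), ("carol", "delete", "namespaces")]:
        decision, consulted = authorize(chain, *req)
        print(req, "->", decision.value, "via", consulted)
```

Because the first allow ends the chain, module order is security-relevant: with `rbac_module` first, carol's grant is honoured and the later deny in `policy_module` is never evaluated.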

RBAC big picture

The most common authorization module is RBAC (Role-Based Access Control). At the highest level, RBAC is about three things:

  1. Users

  2. Actions

  3. Resources

Which users ...