Applying Least Privileges through Kubernetes Admission Controllers - Benjy Portnoy, Aqua Security (Intermediate Skill Level)
Abstract
An admission controller intercepts requests to the Kubernetes API server prior to persistence of the object. By applying proper admission controls in your Kubernetes cluster, it’s possible to generate deployments that adhere to the least privilege model, limiting user and container activity based on their business usage needs. In this session, we will review the latest and greatest Kubernetes 1.9 admission controller capabilities, we will demonstrate in a live demo a dynamic admission control webhook that can be customized to limit privileged user access.