Securing Kubernetes With Admission Controllers - Dave Strebel, Microsoft
Abstract
An admission controller allows you to intercept or mutate request to the Kubernetes API before it’s persisted as an object in Kubernetes . By utilizing admission controllers to intercept objects we have to the flexibility to enforce enterprise security policies for developers and operators of Kubernetes. In this demo heavy session, we will review admission controller capabilities and use cases for extending Kubernetes security. We will also demonstrate how to use an admission controller to restrict access to specific service types in a Kubernetes cluster. Attendees will leave understanding how to utilize admission controllers to extend security in their Kubernetes environment. They will also learn about use cases of using admission controllers to provide enterprise grade security policies.