Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introduction to Kubernetes

Published byJainish Shah Modified over 5 years ago

Similar presentations

Presentation on theme: "Introduction to Kubernetes"— Presentation transcript:

1 Introduction to Kubernetes
RBAC

2 About Me Name: Jainish Shah Github: @jainishshah17

3 What is RBAC? Role-based access control (RBAC) is an approach that is used for restricting access to users and applications on the system/network. RBAC is used by Kubernetes for authorization, for example giving access to a user, adding/removing permissions and setting up rules, etc. By default, RBAC is enabled in Kubernetes.

4 Why RBAC? Each of users in kubernetes cluster needs to some amount of security from one another. There could be cases, where a member of one team is interfering with the other members, work accidentally

5 Role Role in Kubernetes Role-Based Access Control defines a notion of a verb like get or list and a set of nouns like pod volumes etc. So, a role defines what you can do to a set of resources. It contains a set of rules which define a set of permission. A Role always sets permissions within a particular namespace; when you create a Role, you have to specify the namespace it belongs in.

6 RoleBinding A role binding grants the permissions defined in a role to a user or set of users. It holds a list of subjects (users, groups, or service accounts), and a reference to the role being granted. A RoleBinding grants permissions within a specific namespace.

7 ClusterRole ClusterRole, is a non-namespaced resource.
The resources have different names (Role and ClusterRole) because a Kubernetes object always has to be either namespaced or not namespaced; it can’t be both. ClusterRole is used to define a role cluster-wide. You can use a ClusterRole to: define permissions on namespaced resources and be granted within individual namespace(s) define permissions on namespaced resources and be granted across all namespaces define permissions on cluster-scoped resources

8 ClusterRoleBinding ClusterRoleBinding is used to grant permission to a subject on a cluster-level in all the namespaces. It can provide you with permissions for cluster resources and it can also provide you with permissions for resources within any namespace within a cluster.

9 Demo

10

Download ppt "Introduction to Kubernetes"

Similar presentations

ROWLBAC – Representing Role Based Access Control in OWL

ROWLBAC – Representing Role Based Access Control in OWL
SAML CCOW Work Item: Task 2

SAML CCOW Work Item: Task 2
Hive Security Yongqiang He Software Engineer Facebook Data Infrastructure Team.

Hive Security Yongqiang He Software Engineer Facebook Data Infrastructure Team.
The RBAC96 Model Prof. Ravi Sandhu. 2 © Ravi Sandhu WHAT IS RBAC?  multidimensional  open ended  ranges from simple to sophisticated.

The RBAC96 Model Prof. Ravi Sandhu. 2 © Ravi Sandhu WHAT IS RBAC?  multidimensional  open ended  ranges from simple to sophisticated.
Access Control A Meta-Model 1Dennis Kafura – CS5204 – Operating Systems.

Access Control A Meta-Model 1Dennis Kafura – CS5204 – Operating Systems.
When you combine NTFS permissions and share permissions the most restrictive effective permission applies. For example, if you share a folder and assign.

When you combine NTFS permissions and share permissions the most restrictive effective permission applies. For example, if you share a folder and assign.
1 Chapter Overview Understanding and Applying NTFS Permissions Assigning NTFS Permissions and Special Permissions Solving Permissions Problems.

1 Chapter Overview Understanding and Applying NTFS Permissions Assigning NTFS Permissions and Special Permissions Solving Permissions Problems.
Data Segmentation Model 17 Jan 2012 John (Mike) Davis HL7 Security Co-Chair.

Data Segmentation Model 17 Jan 2012 John (Mike) Davis HL7 Security Co-Chair.
Role Based Access Control Venkata Marella. Access Control System Access control is the ability to permit or deny the use of a particular resource by a.

Role Based Access Control Venkata Marella. Access Control System Access control is the ability to permit or deny the use of a particular resource by a.
Team Contracts. Purpose of Team Contract Clarifies team goals & strategies used to meet them Clarifies team goals & strategies used to meet them Increases.

Team Contracts. Purpose of Team Contract Clarifies team goals & strategies used to meet them Clarifies team goals & strategies used to meet them Increases.
By Rashid Khan Lesson 8-Crowd Control: Controlling Access to Resources Using Groups.

By Rashid Khan Lesson 8-Crowd Control: Controlling Access to Resources Using Groups.
Role Based Access Control Models Presented By Ankit Shah 2 nd Year Master’s Student.

Role Based Access Control Models Presented By Ankit Shah 2 nd Year Master’s Student.
Lecture 7 Access Control

Lecture 7 Access Control
Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 4 “Overview”.

Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 4 “Overview”.
7-Access Control Fundamentals Dr. John P. Abraham Professor UTPA.

7-Access Control Fundamentals Dr. John P. Abraham Professor UTPA.
1 Securing Network Resources Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions Copying and Moving Files and Folders.

1 Securing Network Resources Understanding NTFS Permissions Assigning NTFS Permissions Assigning Special Permissions Copying and Moving Files and Folders.
Chapter 5 File and Printer Services

Chapter 5 File and Printer Services
© 2010 VMware Inc. All rights reserved Access Control Module 8.

© 2010 VMware Inc. All rights reserved Access Control Module 8.
Access Control Module 8. Module 2-275 You Are Here VMware vSphere 4.1: Install, Configure, Manage – Revision A vSphere Environment Introduction to VMware.

Access Control Module 8. Module You Are Here VMware vSphere 4.1: Install, Configure, Manage – Revision A vSphere Environment Introduction to VMware.
Directory Services at UMass  Directory Services Overview  Some common definitions  What can a directory do or not do?  User Needs Assessment  What.

Directory Services at UMass  Directory Services Overview  Some common definitions  What can a directory do or not do?  User Needs Assessment  What.

Similar presentations

Ads by Google