Admissions controllers play an important role in providing security and governance for Kubernetes. In this webinar, we will outline the Kubernetes Admission Controller architecture, and look in particular at the Validating Admission Controller function, along with the associated Open Policy Agent and Rego language components.
Having established the underlying infrastructure, we will look at several scenarios involving either misconfiguration or (potential) malice, and demonstrate appropriate admission control policies to combat them.
At the end of this talk, you will leave with:
- An overview of object creation in Kubernetes
- The basics of the Rego language (for writing admission controller policies)
- Sample admission controller policies for security and IT governance