Kubernetes Security Operations: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 12: Line 12:


==PodSecurityPolicy==
==PodSecurityPolicy==
This command allows to simulate the PodSecurityPolicy selection process performed by the PodSecurityPolicy admission controller:


<syntaxhighlight lang='bash'>
<syntaxhighlight lang='bash'>

Revision as of 20:22, 4 September 2020

Internal

Service Account Operations

Service Account Operations

RBAC Operations

RBAC Operations

Authorization Check

kubectl auth

PodSecurityPolicy

This command allows to simulate the PodSecurityPolicy selection process performed by the PodSecurityPolicy admission controller: 

kubectl --as=system:serviceaccount:<namespace>:<serviceaccount-name> -n <namespace> auth can-i use <pod-security-policy-name>
kubectl --as=system:serviceaccount:blue:blue-serviceaccount -n blue auth can-i use podsecuritypolicy/example
Retrieved from "https://kb.novaordis.com/index.php?title=Kubernetes_Security_Operations&oldid=68554"