Kubernetes Security Operations

From NovaOrdis Knowledge Base
Revision as of 23:23, 1 October 2020 by Ovidiu (talk | contribs) (→‎Internal)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Internal

User Operations

User Operations

Service Account Operations

Service Account Operations

RBAC Operations

RBAC Operations

Authorization Check

kubectl auth

PodSecurityPolicy

This command allows to simulate the PodSecurityPolicy selection process performed by the PodSecurityPolicy admission controller:

kubectl --as=system:serviceaccount:<namespace>:<serviceaccount-name> -n <namespace> auth can-i use <pod-security-policy-name>
kubectl --as=system:serviceaccount:blue:blue-serviceaccount -n blue auth can-i use podsecuritypolicy/example