Kubernetes - Creating a Service Account, role, rolebinding and secrets to use in a Pod of a cluster.

Описание: While creating roles mainly limits, controls or manages how development teams can access resources, but how can we protect 𝐬𝐞𝐧𝐬𝐢𝐭𝐢𝐯𝐞 𝐝𝐚𝐭𝐚 in various different resources and microservices inside the cluster from being attacked or manipulated? 𝐒𝐞𝐫𝐯𝐢𝐜𝐞𝐀𝐜𝐜𝐨𝐮𝐧𝐭𝐬 are mainly for machine-to-machine security and to protect the cluster from 𝐮𝐧𝐚𝐮𝐭𝐡𝐨𝐫𝐢𝐳𝐞𝐝 or 𝐞𝐱𝐭𝐞𝐫𝐧𝐚𝐥 𝐚𝐜𝐜𝐞𝐬𝐬.

𝐌𝐚𝐬𝐭𝐞𝐫𝐢𝐧𝐠 𝐊8𝐬 𝐑𝐁𝐀𝐂: From Tokens to Secure API Access
Just learned how to manually create and persist a ServiceAccount token — a best practice for development environments!

Linked it to a ServiceAccount, created custom Roles and RoleBindings, and tested everything by sending API requests directly to the kube-apiserver from a pod.

It’s fascinating how RBAC can precisely control what a pod can or can’t do inside the cluster.

Applying security concepts to real-world microservices can provide an edge to web applications!

𝐌𝐲 𝐠𝐢𝐭𝐡𝐮𝐛 𝐥𝐢𝐧𝐤: https://lnkd.in/dt6krcyV

hashtag#Kubernetes hashtag#DevOps hashtag#RBAC hashtag#CloudNative hashtag#ServiceAccount hashtag#Security hashtag#Minikube hashtag#LearningJourney