Admission controllers: one part of your Kubernetes security and governance toolkit

CNCF Member Online program
Presented by: Palo Alto Networks

Recorded: Wednesday October 28, 2020

Program Speakers: Gunjan Patel, Cloud Architect @Palo Alto Networks & Robert Haynes, Cloud Security Evangelist @Palo Alto Networks

Admission controllers play an important role in providing security and governance for Kubernetes. In this webinar, we will outline the Kubernetes Admission Controller architecture and look in particular at the Validating Admission Controller function, along with the associated Open Policy Agent and Rego language components.

Having established the underlying infrastructure, we will look at several scenarios involving either misconfiguration or (potential) malice, and demonstrate appropriate admission control policies to combat them.

At the end of this talk, you will leave with:

  • An overview of object creation in Kubernetes
  • The basics of the Rego language (for writing admission controller policies)
  • Sample admission controller policies for security and IT governance