This article is a part of the Kubernetes security series that started last week. The previous article covered the overview and background of Kubernetes access control. In this part, we will understand the concepts of authentication through the hands-on approach.
In a production environment, Kubernetes administrators use namespaces to isolate resources and deployments. Namespaces act as a logical boundary to enforce basic access control.
Let’s say we have Bob, new admin that joined the DevOps team to manage the Kubernetes deployments for the engineering group. We now have to provide him with just enough access to manage the engineering namespace. Assuming you are the cluster administrator with permissions to manage global resources and objects, you would onboard Bob and help him with the credentials needed to access Kubernetes cluster.
Read the entire article at The New Stack