22-Authorization.md

Authorization

• Take me to the Video Tutorial

In this section, we will take a look at Authorization.

Why do you need Authorization in your cluster?

• As an admin, you can do all operations

  $ kubectl get nodes
  $ kubectl get pods
  $ kubectl delete node worker-2
  

  

Authorization Mechanisms

• There are different authorization mechanisms supported by kubernetes
  • Node Authorization
  • Attribute-based Authorization (ABAC)
  • Role-Based Authorization (RBAC)
  • Webhook

Node Authorization

ABAC

RBAC

Webhook

Authorization Modes

• The mode options can be defined on the kube-apiserver

  

• When you specify multiple modes, it will authorize in the order in which it is specified

  

K8s Reference Docs

• https://kubernetes.io/docs/reference/access-authn-authz/authorization/