Kubernetes Security involves implementing best practices and configurations to enforce continuous compliance by DevSecOps teams to secure container-based Kubernetes applications.
The competencies include the use of best practices for container lifecycle and Kubernetes management during build, deployment, and runtime.
Pod security policy - Administer and authorize the controls for privileged containers, host namespaces, file systems among others. Understand pod security standards.
Kubernetes secrets - Exclude confidential information in the pods by using secrets. Understand the ways to implement secrets as files, the container environment variable, and kubelet when pulling pod images.
Security context - Understand access controls for a pod or container and define privileges and capabilities. Understand security risks involved in privileged pods.
Network policy - Understand network security policies to implement and restrict cluster-level access. Set up ingress objects with security controls. Restrict external access to the network.
RBAC - Understand Role-Based Access Controls to minimize exposure and permissions by changing the defaults.