book

Hands-On Microservices with Kubernetes

by Gigi Sayfan

July 2019

Intermediate to advanced

502 pages

14h

English

Packt Publishing

Read now

Unlock full access

Content preview from Hands-On Microservices with Kubernetes

Granting access to Kubernetes resources as needed

The principle of least privilege directs you to grant access to Kubernetes resources only to services that actually need it (for example, Argo CD). RBAC is a great option here since everything is locked down by default and you can explicitly add privileges. However, beware of falling into the trap of giving wildcard access to everything just to get over difficulties with RBAC configuration. For example, let's take a look at a cluster role with the following rule:

rules:- apiGroups:  - '*'  resources:  - '*'  verbs:  - '*'- nonResourceURLs:  - '*'  verbs:- '*'

This is worse than disabling RBAC because it gives you a false sense of security. Another option for a more dynamic situation is dynamic authentication, ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Publisher Resources

ISBN: 9781789805468Supplemental Content

Hands-On Microservices with Kubernetes

by Gigi Sayfan

Granting access to Kubernetes resources as needed

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like

Kubernetes Microservices

Bootstrapping Microservices with Docker, Kubernetes, and Terraform

Cloud Native DevOps with Kubernetes

Microservices: Up and Running

Publisher Resources