What is RBAC (Role-Based Access Control)?
A security method that restricts system access based on the roles of individual users.
RBAC restricts what users, service accounts, or systems can do based on the roles assigned to them. In Kubernetes, RBAC is built from four API objects: Role (permissions scoped to one namespace), ClusterRole (cluster-wide permissions), RoleBinding (binds a Role to a subject within a namespace), and ClusterRoleBinding (binds a ClusterRole to a subject across the whole cluster). Subjects can be users, groups, or service accounts. Always apply least privilege: grant only the verbs and resources a subject actually needs. The command kubectl auth can-i checks whether a given account is allowed to perform a specific action, which is a quick way to verify that a binding grants no more than intended.
Deep Dive Guide
How to build a DevSecOps pipeline
More Security Terms
DevSecOps
Integrating security practices into every stage of the DevOps pipeline.
Falco
A runtime security tool that detects anomalous behavior in containers using eBPF/syscalls.
JWT (JSON Web Token)
A compact, self-contained token format for transmitting claims between parties.
mTLS (Mutual TLS)
Two-way TLS authentication where both client and server verify each other's certificates.
OAuth2
An authorization framework allowing third-party apps limited access to user accounts.
OIDC (OpenID Connect)
An identity layer on top of OAuth2 that provides user authentication.