menu
arrow_back

Using Role-based Access Control in Kubernetes Engine

Using Role-based Access Control in Kubernetes Engine

1 个小时 7 个积分

GKE-Engine.png

GSP493

Google Cloud Self-Paced Labs

Overview

This lab covers the usage and debugging of role-based access control (RBAC) in a Kubernetes Engine cluster.

While RBAC resource definitions are standard across all Kubernetes platforms, their interaction with underlying authentication and authorization providers needs to be understood when building on any cloud provider.

RBAC is a powerful security mechanism that provides great flexibility in how you restrict operations within a cluster. This lab will cover two use cases for RBAC:

  1. Assigning different permissions to user personas, namely owners and auditors.
  2. Granting limited API access to an application running within your cluster.

Since RBAC's flexibility can occasionally result in complex rules, common steps for troubleshooting RBAC are included as part of scenario 2.

加入 Qwiklabs 即可阅读本实验的剩余内容…以及更多精彩内容!

  • 获取对“Google Cloud Console”的临时访问权限。
  • 200 多项实验,从入门级实验到高级实验,应有尽有。
  • 内容短小精悍,便于您按照自己的节奏进行学习。
加入以开始此实验
分数

—/100

Provisioning the Kubernetes Engine Cluster

运行步骤

/ 20

Creating the RBAC rules

运行步骤

/ 10

Create server in each namespace

运行步骤

/ 15

Deploying the sample application

运行步骤

/ 20

Fixing the service account name

运行步骤

/ 10

Identifying the application's role and permissions

运行步骤

/ 15

Teardown

运行步骤

/ 10