security-platform.adoc

Securing the container platform

{product-title} and Kubernetes APIs are key to automating container management at scale. APIs are used to:

• Validate and configure the data for pods, services, and replication controllers.

• Perform project validation on incoming requests and invoke triggers on other major system components.

Security-related features in {product-title} that are based on Kubernetes include:

• Multitenancy, which combines Role-Based Access Controls and network policies to isolate containers at multiple levels.

• Admission plug-ins, which form boundaries between an API and those making requests to the API.

{product-title} uses Operators to automate and simplify the management of Kubernetes-level security features.

modules/security-platform-multi-tenancy.adoc

modules/security-platform-admission.adoc

modules/security-platform-authentication.adoc

modules/security-platform-certificates.adoc

Additional resources

• Introduction to {product-title}

• Using RBAC to define and apply permissions

• About admission plug-ins

• Managing security context constraints

• SCC reference commands

• Examples of granting roles to service accounts

• Configuring the internal OAuth server

• Understanding identity provider configuration

• Certificate types and descriptions

• Proxy certificates