Configuring security

It is important to manage your cluster security, vulnerability, and risk assessment.

About this task

As a cloud administrator you must ensure that your cluster allows authorized users access to the data, and the applications that they need. At the same time, you must protect the cluster from accidental or malicious access by granting only the minimal privileges to users and processes to restrict system calls and file system access.

It is recommended that you use monitoring and compliance enforcement tools on your clusters to check that your security policies are working the way that you expect them to work. And it is also recommended that you define a ResourceQuota for each namespace to address common attack scenarios. A ResourceQuota object can restrict the number of pods and the CPU consumption, and be used set hard limits on the amount of node resource usage.