Which component of a Kubernetes setup can approve, modify, or reject administrative requests?
Which component of a Kubernetes setup can approve, modify, or reject administrative requests?
Admission controllers are responsible for intercepting requests to the Kubernetes API server before any modifications of the objects are persisted. They assess requests against policies and based on the evaluation, they can approve, modify, or reject administrative requests. This functionality is essential in ensuring that only valid configurations and changes are applied to the Kubernetes cluster, thus maintaining security and conformity with the defined rules.
C https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/access_control/open_policy_agent
https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/
C An admission controller is code that intercepts requests to the API server for creating objects. There are two types of admission controllers: built-in and dynamic. Prisma Cloud implements a dynamic admission controller. Dynamic admission controllers are built as webhooks. After registering to intercept admission requests, they assess requests against policy, and then accept or reject those requests. In Kubernetes terms, these are known as validating admission webhooks. https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/access_control/open_policy_agent