Which `kind` of Kubernetes object is configured to ensure that Defender is acting as the admission controller?
Which `kind` of Kubernetes object is configured to ensure that Defender is acting as the admission controller?
The Kubernetes object 'ValidatingWebhookConfiguration' is configured to ensure that Defender is acting as the admission controller. This object defines webhooks that are called by the Kubernetes API server to validate requests before they are persisted to storage. Admission controllers can enforce policies, allowing the Defender to deny or alert on policy violations in the cluster.
C --> Prisma Cloud provides a dynamic admission controller for Kubernetes and OpenShift that is built on the Open Policy Agent (OPA). In Console, you can manage and compose rules in Rego, which is OPA’s native query language. Rules can allow or deny (alert or block) pods. Console pushes your policies to Defender, which enforces them. Decisions made by the system are logged .... In Kubernetes terms, these are known as validating admission webhooks.
C. ValidatingWebhookConfiguration
C https://docs.paloaltonetworks.com/prisma/prisma-cloud/21-08/prisma-cloud-compute-edition-admin/access_control/open_policy_agent