Kubesploit

@kubesploit
News and links on Kubernetes security curated by the @learnk8s team
Website: https://kubesploit.io
More K8s news, events, jobs → https://learnk8s.io/news-events-jobs

This article discusses how Kubernetes combines and uses several authorization modes (e.g. RBAC, Node, ABAC)

https://yuminlee2.medium.com/kubernetes-authorization-part1-authorization-modes-overview-18538759e2d5

In this tutorial, you will learn how to store your sensitive secrets in a self-hosted Vault and share them with a Kubernetes cluster

https://medium.com/@verove.clement/vault-externals-secrets-in-kubernetes-cluster-407f251a5e89

In this tutorial, you will learn how to write a validating admission controller to check if Deployments have the proper liveness and readiness probes in place

https://medium.com/@ivan.herrmann89/validate-if-kubernetes-deployment-have-livenessprobe-and-readinessprobe-enabled-6424738deeec

In this article, you'll learn how to use Cluster Role, Cluster Role Binding, and Service Account to deploy a simple application capable of accessing the cluster's resources using kubectl from within a pod

https://itnext.io/unleashing-the-power-of-kubernetes-deploying-containers-with-cluster-resource-access-ee2cef29e24e

KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems

It scans runtime Kubernetes clusters and CI/CD pipelines for enhanced software supply chain security

https://github.com/openclarity/kubeclarity

This article describes the challenges and solutions to connecting kubectl from your local computer to a private GKE cluster while impersonating a service account

https://medium.com/compendium/accessing-private-gke-cluster-using-bastion-host-and-service-account-impersonating-bac11c86deac

You can secure internal communications in your cluster with HTTPS by generating a new TLS certificate, modifying the backend app, and making changes to the deployment and ingress

This tutorial explains the steps (and the code) involved

https://heka-ai.medium.com/how-to-secure-internal-communications-with-your-backend-via-https-using-self-signed-certificates-bf74748a18f7

In this project, you'll learn how to create a Mutating Webhook targeting pods

The webhook server will intercept requests to create or update pods and apply custom logic to modify the specifications before they are admitted to the cluster

https://github.com/rajibmitra/pod-mutator

Multi Tool Kubernetes Pentest Image contains all the most popular and necessary tools for Kubernetes penetration testing

https://github.com/r0binak/MTKPI

In this article, you will learn how to create a simple yet effective incident response mechanism within Kubernetes, leveraging Falco for threat detection, CRIU for container snapshotting, and OpenFaaS for automating responses

https://blog.fraktal.fi/navigating-kubernetes-incident-response-with-falco-criu-and-openfaas-285021bbdbe4