Role-Based Access Control in IKS
Summary and Key concepts
Summary:
This article introduces the security features of Portworx, focusing on Role-based Access Control (RBAC) and volume encryption. Portworx RBAC manages access control across the cluster, defining authentication, authorization, and ownership. It also supports cluster-wide encryption and more granular namespace or storage-class level encryption for Persistent Volume Claims (PVCs). The article includes references to more detailed guides on creating encrypted PVCs for platforms where Portworx is deployed.
PX-Security is an important set of features of the Portworx platform that provide:
- Role-based access control (RBAC) for authorization, authentication, and ownership
- Cluster-wide volume encryption
- Namespace-granular or storage-class BYOK volume encryption
This section describes the role-based access control (RBAC) model used by Portworx. For details on volume encryption, see the guide on creating encrypted PVCs.
📄️ RBAC Overview
Explains the RBAC security model used by Portworx
📄️ PX-Security on Kubernetes clusters
Explains how to enable PX-Security in Portworx on an existing Kubernetes cluster
📄️ Use pxctl with security enabled
Explains the security context setup that pxctl needs when RBAC is enabled