Role-based access control for FlashArray

Summary and Key concepts

Summary This article introduces the security features of Portworx, focusing on Role-based Access Control (RBAC) and volume encryption. Portworx RBAC manages access control across the cluster, defining authentication, authorization, and ownership. It also supports cluster-wide encryption and more granular namespace or storage-class level encryption for Persistent Volume Claims (PVCs). The article includes references to more detailed guides on creating encrypted PVCs for platforms where Portworx is deployed.

Kubernetes Concepts

• Persistent Volume Claims (PVC)

Portworx Concepts

• Volume Encryption

PX-Security is an important set of features of the Portworx platform that provide:

• Role-based access control (RBAC) for authorization, authentication, and ownership
• Cluster-wide volume encryption
• Namespace-granular or Storage-class BYOK volume encryption

This section describes the role-based access control (RBAC) model used by Portworx. For details on volume encryption, see create encrypted PVCs.

📄️ RBAC Overview

Explanation on the RBAC security model used by Portworx

📄️ PX-Security on Kubernetes clusters

Explains how to enable PX-Security in Portworx on an existing kubernetes cluster

📄️ Use pxctl with security enabled

Explain how pxctl needs security context setup with rbac enabled