Sir , as localhost is not secure we can also make it secure using tls right ?. And can we just allow authenticated users to acess api , suppose in a company i am admin and co workers need to acess api so i will assign them role but with certs and rbac.
Yes kubeapi server offering to make https also (secure), as a security best practice should not be keeping as an unsecure unless it's a local host. As long as you know how to make a local host to a secure site using self-signed certificates, rest of the user access etc is RBAC. If you are intelligent admin anything is possible. hope you get it what I mean
Sir , as localhost is not secure we can also make it secure using tls right ?. And can we just allow authenticated users to acess api , suppose in a company i am admin and co workers need to acess api so i will assign them role but with certs and rbac.
Yes kubeapi server offering to make https also (secure), as a security best practice should not be keeping as an unsecure unless it's a local host. As long as you know how to make a local host to a secure site using self-signed certificates, rest of the user access etc is RBAC. If you are intelligent admin anything is possible. hope you get it what I mean
@@learnwithgvr thank you so much sir for replying . 🙂 Your lecture are so amazing and clear . every topic makes me excited. Thank you sir
hello, thanks for the video, may I ask do you have any demo for this section?
Sorry, no dont have. But let me know if you have any questions
@@learnwithgvr thank you so much 😊
💯👌🙌
Sir if we enable insecure port does it skip authentication? I think it'sjust vulnerable because of no emcryption
Correct, if its insecure port traffic is not encrypted, so as a best practice avoid exposing such to API server unless its your localhost for testing
@@learnwithgvr but you told it skips authentication
Thanks for this Video...Where can I find your RBAC video?
Please check the description to see RBAC Video link which is ua-cam.com/video/CTtfxsqCIdw/v-deo.html. Let me know your feedback.. thanks
plz make a complete video on anonymous request isme smjh nhi aya
anonymous request is basic concept, Sorry. pls google it for basic understanding.
@@learnwithgvr Should i enable the --anonymous-auth=false or true in apiserver ?