For the authentification and authorization, Kubernetes has such notions as User Accounts and Service Accounts.

User Accounts — common user profiles used to access a cluster from the outside, while Service Accounts are used to grant access from inside of the cluster.

ServiceAccounts are intended to provide an identity for a Kubernetes Pod to be used by its container to authenticate and authorize them when performing API-requests to the Kubernetes API-server.

#security #authentication #kubernetes #serviceaccounts