Kubernetes has continued to add a number of security features in their latest releases and has a well-rounded set of control points that can be used in your cluster – everything from secure node communication to pod security and even the storage of sensitive configuration data.
Kubernetes cluster security
Secure API calls
During every API call, Kubernetes applies a number of security controls. This security life cycle is depicted here:
API call life cycle
After secure TLS communication is established, the API server runs through authorization and authentication. Finally, an admission controller loop is applied to the request before it reaches the API server.