Questions
- OpenID Connect is a standard protocol with extensive peer review and usage.
- True
- False
- Which token does Kubernetes use to authorize your access to an API?
- access_token
- id_token
- refresh_token
- certificate_token
- In which situation is certificate authentication a good idea?
- Day-to-day usage by administrators and developers
- Access from external CI/CD pipelines and other services
- Break glass in case of emergency when all other authentication solutions are unavailable
- How should you identify users accessing your cluster?
- Email address
- Unix login ID
- Windows login ID
- An immutable ID not based on a user's name
- Where are OpenID Connect configuration options set in Kubernetes?
- Depends on the distribution
- In a ConfigMap object
- In a secret
- Set as flags on the Kubernetes API server executable
- When using Impersonation with your cluster, the groups your user brings are the only ones needed.
- True
- False
- The dashboard should have its own privileged identity to work properly.
- ...