Skip to content


A significant challenge that customers face today is around ensuring that kubectl access to clusters deployed in public cloud environments or on-premise is secure and controlled. Zero Trust Kubectl Access (ZTKA) architecture enables customers to centralize orchestration of kubectl access policies and removes the need to leverage a VPN solution/bastion server access model and/or open ports in firewalls.

In this self-paced exercise, you will configure kubectl access settings and associate a role with a user based on the least privilege principle. You will then implement a break glass process to enable temporary access and review the audit logs to gain visibility into usage of kubectl access across clusters in your organization.

What Will You Do by Part

Part What will you do?
1 Configure RBAC to ensure Controlled Secure kubectl access
2 Break glass process for temporary kubectl access
3 Review Audit logs


  • You have a cluster that is managed by the Controller
  • You have configured one or more Namespaces