RBAC
Quote
Users are mapped to roles, roles are mapped to set of permissions that allow access to resource(s).
When K8s receives a new request K8s API server performs the following steps:
- Authenticate the user, if validation fails return
401 unauthorised - Authorise the request, if it fails return
403 Forbidden