If you want to prevent pod creation unless it passes a policy check, which Kubernetes feature would you rely on?

Study for the Kubernetes Cloud Native Associate (KCNA) Certification. Prepare with flashcards and multiple choice questions. Ensure success with detailed explanations. Ready for your exam!

Multiple Choice

If you want to prevent pod creation unless it passes a policy check, which Kubernetes feature would you rely on?

Explanation:
Admission controllers are the mechanism that intercepts requests to the API server after authentication and authorization and before the object is stored. They can validate inputs and reject the request if policies aren’t met, so pod creation is prevented unless the policy check passes. You can use built-in validating admission controllers or set up validating webhooks to enforce custom policies (for example around security context, allowed fields, or image sources). The other options don’t serve this purpose: HorizontalPodAutoscaler scales based on metrics, ConfigMaps store configuration data, and DaemonSets manage pod placement on nodes. So admission controllers are the way to enforce policy checks at creation time.

Admission controllers are the mechanism that intercepts requests to the API server after authentication and authorization and before the object is stored. They can validate inputs and reject the request if policies aren’t met, so pod creation is prevented unless the policy check passes. You can use built-in validating admission controllers or set up validating webhooks to enforce custom policies (for example around security context, allowed fields, or image sources). The other options don’t serve this purpose: HorizontalPodAutoscaler scales based on metrics, ConfigMaps store configuration data, and DaemonSets manage pod placement on nodes. So admission controllers are the way to enforce policy checks at creation time.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy