How Webhook Authorization Works

Learn how webhook authorization works in Kubernetes.

Webhook authorization

The task during the authorization stage is to determine user privileges, in other words, if the user is allowed to perform the requested action. For example, the user Bob is trying to create a Pod. During the authorization stage, Kubernetes needs to verify if Bob is allowed to POST a Pod to the kube-apiserver.

Kubernetes bundles a group of authorization plugins as a union authorization chain, just as the code snippet below shows:

Get hands-on with 1200+ tech skills courses.