Mastering Telco Cloud OpenShift Security
Get a practical, hands-on introduction to OpenShift security, focused on controlling access, hardening workloads, isolating network traffic, securing platform communications, and validating compliance with continuous policy enforcement using RHACS.
About The Lab
Lab Architecture
This hands-on lab uses a Linux-based Single Node OpenShift (SNO) environment to practice securing OpenShift in a realistic setup. The setup includes configuring OpenLDAP-backed RBAC for controlled access, enforcing workload hardening with Security Profiles (SELinux/seccomp), and securing applications with service accounts, secrets, and least-privilege permissions. It also includes enforcing network segmentation with Kubernetes NetworkPolicies, managing TLS certificates with cert-manager, and applying compliance and file integrity controls through OpenShift operators, while using RHACS to apply security policies and detect risk in a cloud-native workflow.
Why this Lab?
This lab is designed for platform, cloud, and security engineers who need to secure OpenShift and Kubernetes-based workloads in production environments. As clusters grow in complexity and host critical applications, security, compliance, and governance become essential requirements. This lab focuses on practical, hands-on security controls, enabling participants to understand, apply, and validate security mechanisms across the platform, workloads, networking, and certificate management. It equips learners with the skills required to build a secure, compliant, and resilient OpenShift environment.
Lab Objectives
- Build practical understanding of compliance and audit logging, and how auditing supports security and accountability.
- Apply least-privilege access control using authentication and authorization mechanisms (LDAP integration, RBAC, and SCC).
- Enforce cluster-wide security policies at scale with RHACS by defining, applying, and validating security controls.
- Secure the container supply chain through base image hardening, vulnerability scanning, trusted registries, and image signing.
- Harden and validate cluster posture by improving network and filesystem security (Multus CNI, File Integrity Operator), applying workload protections (Seccomp/SELinux via Security Profiles Operator), automating certificates with cert-manager, and performing compliance scans with remediation workflows.