# Security Primitives

### Secure Hosts

  - Password based authentication disabled
  - [[SSH]] key based authetication

### Secure Kubernetes

### Authentication

Who can access?

  - Files - Username and Password
  - Files - Username and Tokens
  - Certificates
  - External Authentication providers - [[LDAP]]
  - Service Accounts

### Authorization

What can they do?

  - [[RBAC]] Authorization
  - [[ABAC]] Authorization
  - [[Node]] Authorization
  - [[Webhook]] Mode

### TLS Certificates