Inferensys

Glossary

Admission Controller

A Kubernetes-native plugin that intercepts authenticated API requests to the API server and can mutate or validate objects, such as enforcing image signature policies before pods are persisted.
Stylish WeWork-like workspace with hot desks and document wall, professional searching through enterprise knowledge base on a mounted ultrawide display, warm industrial pendants overhead.
KUBERNETES SECURITY PLUGIN

What is an Admission Controller?

An admission controller is a piece of code that intercepts authenticated requests to the Kubernetes API server after authentication and authorization but before the object is persisted to etcd, allowing it to mutate or validate the resource.

An admission controller is a Kubernetes-native plugin that intercepts authenticated API requests to the API server and can mutate or validate objects before they are persisted to etcd. It acts as a final gatekeeper in the API request lifecycle, operating after authentication and authorization but before the object is stored. This mechanism enforces custom security policies, defaulting logic, and resource governance rules that go beyond standard RBAC permissions.

There are two types: mutating admission controllers, which can modify incoming objects to inject defaults like sidecar proxies or resource limits, and validating admission controllers, which accept or reject requests based on policy compliance. Common implementations include the PodSecurity admission controller and dynamic webhooks like OPA Gatekeeper. In sovereign AI infrastructure, admission controllers are critical for enforcing image signature verification and ensuring only trusted, scanned images from a private registry are deployed.

KUBERNETES SECURITY

Core Characteristics of Admission Controllers

Admission controllers are the gatekeepers of the Kubernetes API server, enforcing custom policies and security defaults before objects are persisted to etcd. They intercept authenticated requests and can mutate or validate resources in real-time.

01

Mutating Admission Webhooks

These controllers intercept requests before validation and can modify the object. They are called first in the admission chain.

  • Defaulting: Automatically inject sidecar containers, volume mounts, or environment variables.
  • Image Tag Resolution: Convert mutable tags like latest to immutable digests.
  • Pod Identity: Attach service mesh proxies or workload identity labels without developer intervention.

A mutating webhook receives an AdmissionReview request, applies patches via JSON Patch, and returns the modified object. If any mutating webhook rejects the request, the entire API call fails immediately.

Phase 1
Admission Chain Order
02

Validating Admission Webhooks

These controllers execute after all mutating webhooks complete. They inspect the final object state and either allow or deny the request based on custom policies.

  • Image Provenance: Verify that all container images are signed by trusted authorities using Cosign or Notary signatures.
  • Resource Constraints: Reject pods that lack defined CPU and memory limits.
  • Ingress Rules: Ensure hostnames comply with organizational naming conventions.

Validating webhooks cannot modify objects. They return a simple allowed: true/false response with a human-readable message explaining the denial reason.

Phase 2
Admission Chain Order
03

Dynamic Admission Control

Unlike built-in admission plugins compiled into the API server binary, dynamic admission controllers run as external HTTPS services registered via ValidatingWebhookConfiguration or MutatingWebhookConfiguration resources.

  • Extensibility: Deploy custom logic in any language without rebuilding Kubernetes.
  • TLS Required: All webhook communication must occur over HTTPS with valid certificates.
  • Failure Policy: Configure failurePolicy: Ignore or Fail to control behavior when the webhook service is unreachable.

This architecture enables organizations to enforce bespoke security policies, such as validating image signatures against a private container registry before deployment.

HTTPS
Required Protocol
04

Image Policy Webhook

A specialized validating admission controller that enforces binary authorization by verifying container image signatures and attestations at deploy time.

  • Signature Verification: Checks that images are signed by trusted authorities using Cosign or the Sigstore public good instance.
  • Attestation Inspection: Validates SBOMs, vulnerability scan results, and SLSA provenance stored as OCI artifacts.
  • Break-Glass Override: Allows authorized users to bypass policy in emergency scenarios with full audit logging.

This webhook integrates directly with private container registries to ensure only approved, tamper-proof images enter production clusters.

Deploy-Time
Enforcement Point
05

Admission Review Lifecycle

Every API request flows through a deterministic admission pipeline before persistence:

  1. Authentication: Verify the identity of the caller.
  2. Authorization: Check RBAC permissions for the requested verb and resource.
  3. Mutating Admission: Apply defaulting and injection logic.
  4. Object Schema Validation: Validate the object against the OpenAPI schema.
  5. Validating Admission: Enforce custom policies and deny non-compliant requests.
  6. Persistence: Write the final object to etcd.

This ordered chain ensures that security policies are applied consistently and transparently to every resource in the cluster.

6 Stages
Request Pipeline
06

Common Admission Controllers

Kubernetes ships with several built-in admission plugins that are compiled directly into the API server:

  • AlwaysPullImages: Mutates every pod to set the image pull policy to Always, ensuring fresh image pulls.
  • LimitRanger: Enforces default resource requests and limits on pods and containers.
  • PodSecurity: Replaces the deprecated PodSecurityPolicy with a built-in standards-based admission controller.
  • ResourceQuota: Ensures that namespaces do not exceed their allocated compute and storage quotas.
  • NodeRestriction: Limits the objects a kubelet can modify to its own node.

These built-in controllers execute before any dynamic webhooks and provide foundational cluster security.

Built-In
Compiled in API Server
ADMISSION CONTROL

Frequently Asked Questions

Essential questions about Kubernetes admission controllers, their role in enforcing security policies, and how they validate container images in sovereign AI infrastructure deployments.

A Kubernetes admission controller is a plugin that intercepts authenticated API requests to the API server after authentication and authorization but before the object is persisted to etcd. It operates in two phases: mutating admission and validating admission. During the mutating phase, controllers can modify the request object—for example, injecting a sidecar container or adding default labels. During the validating phase, controllers inspect the final object and either allow or deny the request based on policy rules. Admission controllers are compiled into the kube-apiserver binary or deployed as external webhooks via the ValidatingWebhookConfiguration and MutatingWebhookConfiguration resources. This architecture enables organizations to enforce image signature verification, SBOM attestation checks, and registry allowlist policies before any pod is scheduled onto a node, making admission controllers the critical gatekeeper for sovereign AI infrastructure security.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.