Advanced Operations, Security & App Management in Kubernetes
Ends soon! Keep adding new skills with 10,000+ programs for $239 (usually $399). Save now.
Advanced Operations, Security & App Management in Kubernetes
This course is part of Kubernetes β An Enterprise Guide Specialization
Included with
Learn more
Ask Coursera
Recommended experience
Recommended experience
What you'll learn
Implement security policies using Open Policy Agent and Gatekeeper.
Secure runtime environments by integrating KubeArmor into Kubernetes.
Deploy and manage applications on Istio service mesh, optimizing enterprise environments.
Skills you'll gain
Tools you'll learn
Details to know
June 2026
9 assignments
See how employees at top companies are mastering in-demand skills
Build your subject-matter expertise
- Learn new concepts from industry experts
- Gain a foundational understanding of a subject or tool
- Develop job-relevant skills with hands-on projects
- Earn a shareable career certificate
There are 9 modules in this course
This course is designed to elevate your expertise in Kubernetes operations by focusing on advanced security enforcement, monitoring, service mesh integration, and platform automation. You will learn to optimize, secure, and scale Kubernetes environments for large-scale enterprise applications.
Through detailed lectures and practical guidance, you will gain the skills necessary to implement robust security measures, manage runtime environments, and monitor clusters effectively. The course covers advanced topics like policy enforcement using Open Policy Agent and Gatekeeper, runtime security with KubeArmor, and backup strategies. You will also explore the fundamentals of Istio service mesh, best practices for application deployment, and provisioning a multitenant platform. The course combines in-depth theory with real-world applications to ensure that you can apply the concepts to your own Kubernetes deployments immediately. This course is ideal for Kubernetes professionals and cloud architects who want to deepen their knowledge of security and management in Kubernetes environments. Some familiarity with Kubernetes is required for this advanced course. This course is part three of a three-course Specialization designed to provide a comprehensive learning pathway in this subject area. While it delivers standalone value and practical skills, learners seeking a more integrated and in-depth progression may benefit from completing the full Specialization.
This module introduces learners to the Open Policy Agent (OPA) and its integration with Kubernetes for advanced security policy enforcement. You will explore writing, testing, and debugging policies using the Rego language, as well as building dynamic and reusable policy frameworks. Alternatives to Rego-based policies and practical deployment strategies are also discussed.
What's included
1 video8 readings1 assignment
1 videoβ’Total 1 minute
- Overviewβ’1 minute
8 readingsβ’Total 46 minutes
- Introductionβ’6 minutes
- What Is OPA and How Does It Work?β’6 minutes
- Using Rego to Write Policiesβ’4 minutes
- Testing an OPA Policyβ’5 minutes
- Building Dynamic Policiesβ’4 minutes
- Debugging Regoβ’7 minutes
- Building and Deploying Our Policyβ’9 minutes
- Creating Policies Without Regoβ’5 minutes
1 assignmentβ’Total 16 minutes
- Securing Kubernetes with Open Policy Agentβ’16 minutes
This module explores advanced node security in Kubernetes, focusing on preventing container breakouts, designing secure containers, and leveraging Gatekeeper for policy enforcement. Learners will examine vulnerability scanning, compare policy mechanisms, and address challenges in multi-tenant environments. Practical debugging and authorization strategies are also covered to strengthen cluster security.
What's included
1 video8 readings1 assignment
1 videoβ’Total 1 minute
- Overviewβ’1 minute
8 readingsβ’Total 46 minutes
- Introductionβ’5 minutes
- Container Breakoutsβ’5 minutes
- Properly Designing Containersβ’7 minutes
- Scanning Images for Known Exploitsβ’5 minutes
- What About Pod Security Policiesβ’5 minutes
- Authorizing Node Security Policiesβ’6 minutes
- Debugging Constraint Violationsβ’4 minutes
- Scaling Policy Deployment in Multi-Tenant Clustersβ’9 minutes
1 assignmentβ’Total 16 minutes
- Node Security Fundamentalsβ’16 minutes
This module introduces the fundamentals of securing Kubernetes clusters at runtime using KubeArmor. Learners will explore multi-tenancy security, real-time policy logging, and practical tools for managing and monitoring cluster security. By the end, participants will be able to implement and troubleshoot KubeArmor in multi-tenant environments.
What's included
1 video6 readings1 assignment
1 videoβ’Total 1 minute
- Overviewβ’1 minute
6 readingsβ’Total 50 minutes
- Introductionβ’10 minutes
- Welcome to KubeArmorβ’6 minutes
- Multi-tenancy Supportβ’6 minutes
- Enabling KubeArmor Loggingβ’14 minutes
- Using Karmor to Interact with KubeArmorβ’8 minutes
- Karmor Logsβ’6 minutes
1 assignmentβ’Total 16 minutes
- KubeArmor Runtime Security Fundamentalsβ’16 minutes
This module guides learners through the essentials of backing up and restoring Kubernetes workloads using Velero. You will explore setup, configuration, and management of Velero, including backing up persistent volumes, scheduling backups, and restoring data to the same or a new cluster. By the end, you'll be equipped to ensure data resilience and disaster recovery in Kubernetes environments.
What's included
1 video9 readings1 assignment
1 videoβ’Total 1 minute
- Overviewβ’1 minute
9 readingsβ’Total 58 minutes
- Introductionβ’9 minutes
- Introducing and Setting Up VMwareβs Veleroβ’7 minutes
- Exposing MinIO and the Consoleβ’6 minutes
- Backing up PVCsβ’5 minutes
- Running a One-Time Cluster Backupβ’7 minutes
- Scheduling a Cluster Backupβ’4 minutes
- Managing Velero Using the CLIβ’7 minutes
- Restoring from a backupβ’6 minutes
- Using a Backup to Create Workloads in a New Clusterβ’7 minutes
1 assignmentβ’Total 16 minutes
- Kubernetes Workload Backup Fundamentalsβ’16 minutes
This module guides learners through monitoring Kubernetes clusters and workloads using tools like Prometheus, Alertmanager, Grafana, and OpenSearch. You will explore how to collect, visualize, and secure metrics and logs, as well as set up effective alerting and access controls. By the end, you'll be able to ensure cluster health and respond proactively to operational issues.
What's included
1 video9 readings1 assignment
1 videoβ’Total 1 minute
- Overviewβ’1 minute
9 readingsβ’Total 51 minutes
- Introductionβ’11 minutes
- Common Kubernetes Metricsβ’4 minutes
- Alerting with Alertmanagerβ’5 minutes
- Alerting Your Team Based on Metricsβ’5 minutes
- Visualizing Data with Grafanaβ’4 minutes
- Adding Metrics to OpenUnisonβ’5 minutes
- Securing Access to Your Monitoring Stackβ’8 minutes
- Tracing Logs from Your Container to Your Consoleβ’6 minutes
- Viewing Log Data in Kibanaβ’3 minutes
1 assignmentβ’Total 16 minutes
- Kubernetes Cluster and Workload Monitoring Fundamentalsβ’16 minutes
This module introduces learners to Istio, a service mesh for Kubernetes, focusing on its core concepts, security features, and resource management. You will explore how Istio manages traffic, enforces security policies, and provides observability through tools like Kiali. Practical examples and guided walkthroughs will help you understand and apply Istio's capabilities in real-world Kubernetes environments.
What's included
1 video12 readings1 assignment
1 videoβ’Total 1 minute
- Overviewβ’1 minute
12 readingsβ’Total 72 minutes
- Introductionβ’9 minutes
- Securityβ’8 minutes
- Understanding Istio Egress Gatewayβ’7 minutes
- Introducing Istio Resourcesβ’6 minutes
- Denying and allowing all accessβ’5 minutes
- Gatewaysβ’6 minutes
- Peer Authenticationβ’6 minutes
- Sidecarsβ’6 minutes
- Installing Kialiβ’4 minutes
- Using the Graph Viewβ’3 minutes
- Using the Applications Viewβ’5 minutes
- Using the Services Viewβ’7 minutes
1 assignmentβ’Total 16 minutes
- Istio Service Mesh Fundamentalsβ’16 minutes
This module explores how to design, build, and deploy applications within an Istio service mesh, focusing on both monolithic and microservices architectures. Learners will gain hands-on experience configuring authentication, authorization, and secure service-to-service communication using Istio features. Practical scenarios such as sticky sessions, JWT enforcement, and advanced authorization rules are covered to enhance application security and scalability.
What's included
1 video11 readings1 assignment
1 videoβ’Total 1 minute
- Overviewβ’1 minute
11 readingsβ’Total 66 minutes
- Introductionβ’5 minutes
- Monolithic Application Designβ’6 minutes
- Using Istio to Help Manage Microservicesβ’7 minutes
- Configuring Sticky Sessionsβ’7 minutes
- Integrating Authentication into Our Serviceβ’4 minutes
- Authorizing Access to Our Serviceβ’7 minutes
- Authorizing in Serviceβ’6 minutes
- Creating an OPA Authorization Ruleβ’5 minutes
- Calling Other Servicesβ’3 minutes
- Authenticating Your Serviceβ’6 minutes
- Using Impersonationβ’10 minutes
1 assignmentβ’Total 16 minutes
- Istio Application Deployment Fundamentalsβ’16 minutes
This module guides learners through the process of deploying applications on a multitenant Kubernetes platform, focusing on secure pipeline integration, technology stack selection, and platform architecture design. Learners will explore best practices for automating tenant onboarding, managing image registries, and implementing a GitOps workflow. By the end, participants will be equipped to design and provision scalable, secure multitenant environments.
What's included
1 video7 readings1 assignment
1 videoβ’Total 1 minute
- Overviewβ’1 minute
7 readingsβ’Total 45 minutes
- Introductionβ’6 minutes
- Securing Your Pipelineβ’6 minutes
- Choosing Our Technology Stackβ’5 minutes
- Designing Our Platform Architectureβ’9 minutes
- Securely Pushing and Pulling Imagesβ’6 minutes
- Automating Tenant Onboardingβ’5 minutes
- Designing a GitOps Strategyβ’8 minutes
1 assignmentβ’Total 16 minutes
- Provisioning and Security in Multitenant Environmentsβ’16 minutes
This module guides learners through the process of setting up an internal developer portal, including customizing Kubernetes nodes, deploying infrastructure as code with Pulumi, and integrating essential DevOps tools like Vault and GitLab. Learners will also explore GitOps bootstrapping, tenant onboarding, and application deployment workflows. By the end, participants will understand how to promote applications from development to production in a secure, automated environment.
What's included
1 video9 readings1 assignment
1 videoβ’Total 1 minute
- Overviewβ’1 minute
9 readingsβ’Total 47 minutes
- Introductionβ’7 minutes
- Customizing Nodesβ’5 minutes
- Deploying Pulumiβ’9 minutes
- Unsealing Vaultβ’5 minutes
- Generating a GitLab Personal Access Tokenβ’4 minutes
- Bootstrapping GitOps with OpenUnisonβ’4 minutes
- Onboarding a Tenantβ’3 minutes
- Deploying an Applicationβ’4 minutes
- Promoting to Productionβ’6 minutes
1 assignmentβ’Total 16 minutes
- Developer Portal Fundamentalsβ’16 minutes
Earn a career certificate
Add this credential to your LinkedIn profile, resume, or CV. Share it on social media and in your performance review.
Instructor
Offered by
Explore more from Security
- Status: Free Trial
- Status: Free Trial
- Status: Free Trial
Course
- Status: Free TrialL
LearnKartS
Course
Why people choose Coursera for their career
Frequently asked questions
Yes, you can preview the first video and view the syllabus before you enroll. You must purchase the course to access content not included in the preview.
If you decide to enroll in the course before the session start date, you will have access to all of the lecture videos and readings for the course. Youβll be able to submit assignments once the session starts.
Once you enroll and your session begins, you will have access to all videos and other resources, including reading items and the course discussion forum. Youβll be able to view and submit practice assessments, and complete required graded assignments to earn a grade and a Course Certificate.
More questions
Financial aid available,
