An admission controller is a control point that evaluates and can modify or reject requests before they are accepted into a cluster or orchestration environment. It matters because policy is much stronger when risky workloads can be blocked before they ever start running.
What is Admission Controller?
Admission controllers commonly enforce image trust, security context, namespace policy, resource limits, labels, and configuration standards. They are a practical way to turn platform guardrails into live enforcement.
What Admission Controller Commonly Supports
Common uses include workload policy enforcement, cluster governance, supply chain checks, and hardening at deployment time.
Admission Controller vs. Post-Deployment Review Only
Admission control blocks or rewrites risky requests before acceptance. Post-deployment review detects issues later after the workload may already be active.
Frequently Asked Questions
Why use admission control?
Because prevention at deploy time is often safer and cheaper than cleanup after workloads launch.
Does admission control replace runtime security?
No. It is an early gate, but runtime behavior still needs monitoring and control.
