Kubernetes 1.28 introduces several security enhancements to improve the user experience and address the evolving needs of its users. The enhancements include the use of CEL-based admission policies and webhook match conditions, reduction of secret-based service account tokens, ensuring secure image pulling, container image signature handling based on sigstore, KMS v2 improvements, and an Auth API to get self-user attributes. These enhancements provide better security, performance, and management of Kubernetes clusters, ensuring that only verified and secure images are used and that sensitive data remains encrypted. As Kubernetes becomes more essential, these enhancements play a critical role in ensuring the security and reliability of container orchestration platforms.
Source: CNCF Blog.