OpenShift security is mainly a COMBINATION of two COMPONENTS that mainly handles security constraints.

Security Context Constraints (SCC): It is basically used for pod RESTRICTION, which means it defines the limitations for a pod, as in what actions it can perform and what all things it can access in the cluster.

Service Account: Service accounts are basically used to control access to OpenShift MASTER API, which gets called when a command or a request is fired from any of the master or node machine.

OpenShift security is mainly a combination of two components that mainly handles security constraints.

Security Context Constraints (SCC): It is basically used for pod restriction, which means it defines the limitations for a pod, as in what actions it can perform and what all things it can access in the cluster.

Service Account: Service accounts are basically used to control access to OpenShift master API, which gets called when a command or a request is fired from any of the master or node machine.