During every API call, Kubernetes applies a number of security controls. This security life cycle is depicted here:
API call life cycle
After secure TLS communication is established, the API server runs through authorization and authentication. Finally, an admission controller loop is applied to the request before it reaches the API server.