kubernetes
diff --git a/‎content/zh/docs/reference/access-authn-authz/_index.md
Lines changed: 52 additions & 0 deletions b/‎content/zh/docs/reference/access-authn-authz/_index.md
Lines changed: 52 additions & 0 deletions
@@ -1,4 +1,56 @@
 ---
 title: 访问 API
 weight: 20
+no_list: true
 ---
+
+<!--
+title: API Access Control
+weight: 20
+no_list: true
+-->
+
+<!--
+For an introduction to how Kubernetes implements and controls API access,
+read [Controlling Access to the Kubernetes API](/docs/concepts/security/controlling-access/).
+
+Reference documentation:
+-->
+关于 Kubernetes 如何实现和控制 API 访问的介绍性材料，可阅读
+[控制 Kubernetes API 的访问](/zh/docs/concepts/security/controlling-access/)。
+
+参考文档：
+
+<!--
+- [Authenticating](/docs/reference/access-authn-authz/authentication/)
+   - [Authenticating with Bootstrap Tokens](/docs/reference/access-authn-authz/bootstrap-tokens/)
+- [Admission Controllers](/docs/reference/access-authn-authz/admission-controllers/)
+   - [Dynamic Admission Control](/docs/reference/access-authn-authz/extensible-admission-controllers/)
+- [Authorization](/docs/reference/access-authn-authz/authorization/)
+   - [Role Based Access Control](/docs/reference/access-authn-authz/rbac/)
+   - [Attribute Based Access Control](/docs/reference/access-authn-authz/abac/)
+   - [Node Authorization](/docs/reference/access-authn-authz/node/)
+   - [Webhook Authorization](/docs/reference/access-authn-authz/webhook/)
+- [Certificate Signing Requests](/docs/reference/access-authn-authz/certificate-signing-requests/)
+   - including [CSR approval](/docs/reference/access-authn-authz/certificate-signing-requests/#approval-rejection)
+     and [certificate signing](/docs/reference/access-authn-authz/certificate-signing-requests/#signing)
+- Service accounts
+  - [Developer guide](/docs/tasks/configure-pod-container/configure-service-account/)
+  - [Administration](/docs/reference/access-authn-authz/service-accounts-admin/)
+-->
+- [身份认证](/zh/docs/reference/access-authn-authz/authentication/)
+   - [使用启动引导令牌来执行身份认证](/zh/docs/reference/access-authn-authz/bootstrap-tokens/)
+- [准入控制器](/zh/docs/reference/access-authn-authz/admission-controllers/)
+   - [动态准入控制](/zh/docs/reference/access-authn-authz/extensible-admission-controllers/)
+- [鉴权与授权](/zh/docs/reference/access-authn-authz/authorization/)
+   - [基于角色的访问控制](/zh/docs/reference/access-authn-authz/rbac/)
+   - [基于属性的访问控制](/zh/docs/reference/access-authn-authz/abac/)
+   - [节点鉴权](/zh/docs/reference/access-authn-authz/node/)
+   - [Webhook 鉴权](/zh/docs/reference/access-authn-authz/webhook/)
+- [证书签名请求](/zh/docs/reference/access-authn-authz/certificate-signing-requests/)
+   - 包含 [CSR 的批复](/zh/docs/reference/access-authn-authz/certificate-signing-requests/#approval-rejection)
+     和[证书签名](/zh/docs/reference/access-authn-authz/certificate-signing-requests/#signing)
+- 服务账号
+  - [开发者指南](/zh/docs/tasks/configure-pod-container/configure-service-account/)
+  - [管理文档](/zh/docs/reference/access-authn-authz/service-accounts-admin/)
+