May 19, 2020
Kubernetes RBAC explained
Introduction Whether it is from CI/CD or from the command-line, I often see the default kube-config with cluster-admin rights being used. This is like permanently working with root privileges and there certainly are more secure ways.
In this post we will look into demystifying Kubernetes RBAC, and setting-up more suitable permissions for two use-cases:
a CI/CD pipeline that needs full permissions on anything located in a given Namespace a reader who needs to access resources for troubleshooting purposes Concepts Roles and ClusterRoles define sets of permissions to objects at the namespace and cluster scope.
Read more