alcideio / rbac-tool

Rapid7 | insightCloudSec | Kubernetes RBAC Power Toys - Visualize, Analyze, Generate & Query

who-can | add support for special RBAC verbs

gadinaor-r7 opened this issue

Per k8s rbac documentation there are special cases

The following cases need to be covered:

  1. 'bind' verb - see this
  2. 'escalate' verb - see this
  3. 'impersonate' verb - see this

Reference: https://www.impidio.com/blog/kubernetes-rbac-security-pitfalls
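
The check this issue asks for, as an added example that is not part of the original issue and is not rbac-tool's own code: it answers a who-can question for `bind`, `escalate` and `impersonate` over constructed roles and bindings, with `*` matching any verb, API group or resource. The types, `WhoCan` and the sample subjects are assumptions for illustration; `resourceNames` restrictions are not modelled.

```go
package main

import "fmt"

type (
	PolicyRule struct{ APIGroups, Resources, Verbs []string } // rule fields of a Role/ClusterRole
	Binding    struct{ Subject, Role string }                 // simplified (Cluster)RoleBinding
	Query      struct{ Verb, Group, Resource string }         // one who-can question
)
const rbacGroup = "rbac.authorization.k8s.io"

// SpecialQueries lists the three verbs from the issue with the resources they apply to.
var SpecialQueries = []Query{
	{"bind", rbacGroup, "roles"}, {"bind", rbacGroup, "clusterroles"},
	{"escalate", rbacGroup, "roles"}, {"escalate", rbacGroup, "clusterroles"},
	{"impersonate", "", "users"}, {"impersonate", "", "groups"}, {"impersonate", "", "serviceaccounts"},
}

// has reports whether list contains want or the "*" wildcard.
func has(list []string, want string) bool {
	for _, v := range list {
		if v == "*" || v == want {
			return true
		}
	}
	return false
}

// WhoCan returns, in binding order, the subjects whose bound role allows q.
func WhoCan(roles map[string][]PolicyRule, bindings []Binding, q Query) (out []string) {
	for _, b := range bindings {
		for _, r := range roles[b.Role] {
			if has(r.Verbs, q.Verb) && has(r.APIGroups, q.Group) && has(r.Resources, q.Resource) {
				out = append(out, b.Subject)
				break
			}
		}
	}
	return out
}

// Constructed sample data (not from a real cluster).
var sampleRoles = map[string][]PolicyRule{
	"admin-all":    {{[]string{"*"}, []string{"*"}, []string{"*"}}},
	"role-grantor": {{[]string{rbacGroup}, []string{"clusterroles"}, []string{"bind"}}},
	"pod-reader":   {{[]string{""}, []string{"pods"}, []string{"get", "list"}}},
}
var sampleBindings = []Binding{{"alice", "admin-all"}, {"ci-bot", "role-grantor"}, {"bob", "pod-reader"}}

func main() { fmt.Println("bind clusterroles:", WhoCan(sampleRoles, sampleBindings, SpecialQueries[1])) }
```

A wildcard-only role such as `admin-all` shows up for every special verb, while `role-grantor` appears only for `bind` on `clusterroles`.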