cyberark / KubiScan

A tool to scan Kubernetes cluster for risky permissions

Static Scan

redcatsec opened this issue · comments

Is your feature request related to a problem? Please describe.

Sometimes you, as a pen-tester or red team member, get access to role definition YAML files and would like to do a static scan on them.

Describe the solution you would like

Implementing a static scan without using the Kubernetes API client
Implementing a parser for YAML files

To-dos

role.py : add a parse method to create a role object from a YAML file
rule.py : add a parse method to create a role object from a YAML file
subject : add a parse method to create a role object from a YAML file
utils.py : add get_roles_by_kind_from_file(kind), which opens the file, parses the whole YAML file and creates objects from the data
utils.py : add get_risky_role_by_kind_from_file(kind, roles), the same as get_risky_role_by_kind but using get_roles_by_kind_from_file
kubiscan.py : add arguments for the new feature
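The following is an added example of the static scan sketched in the to-do list above; it is not KubiScan's own code and is not the implementation the maintainers chose. It parses Role/ClusterRole YAML documents (including multi-document files and `kind: List` wrappers) into rule and role objects, then flags rules that match a short, illustrative list of risky patterns. PyYAML is assumed to be installed for reading YAML text; the pattern list, the sample manifest and every function and class name here are constructed for this example.

```python
"""Offline scan of Kubernetes Role/ClusterRole YAML for risky rules (added example, not KubiScan code)."""
from dataclasses import dataclass
from typing import List

try:
    import yaml  # PyYAML, assumed installed; only needed to read YAML text
except ImportError:  # the analysis functions still work on already-parsed dicts
    yaml = None

# (apiGroup, resource, verb, reason): an illustrative list constructed for this example.
RISKY_PATTERNS = [
    ("*", "*", "*", "wildcard on groups, resources and verbs (cluster-admin equivalent)"),
    ("", "secrets", "get", "can read secrets"),
    ("", "secrets", "list", "can list secrets"),
    ("", "pods/exec", "create", "can exec into pods"),
    ("", "serviceaccounts/token", "create", "can mint service account tokens"),
    ("rbac.authorization.k8s.io", "clusterrolebindings", "create", "can grant cluster-wide roles"),
    ("rbac.authorization.k8s.io", "clusterroles", "escalate", "can escalate cluster roles"),
]

@dataclass
class Rule:
    api_groups: List[str]
    resources: List[str]
    verbs: List[str]

    @classmethod
    def from_dict(cls, d):  # assumption: a rule that omits apiGroups means the core ("") group
        return cls([str(g) for g in (d.get("apiGroups") or [""])],
                   [str(r) for r in (d.get("resources") or [])], [str(v) for v in (d.get("verbs") or [])])

@dataclass
class Role:
    kind: str
    name: str
    namespace: str
    rules: List[Rule]

    @classmethod
    def from_dict(cls, d):
        meta = d.get("metadata") or {}
        return cls(str(d.get("kind", "")), str(meta.get("name", "")), str(meta.get("namespace", "")),
                   [Rule.from_dict(r) for r in (d.get("rules") or [])])

def _covers(granted, wanted):
    """A rule covers `wanted` if it names it explicitly or grants '*'."""
    return wanted in granted or "*" in granted

def risky_reasons(rule):
    """Reasons, in RISKY_PATTERNS order, why one rule is flagged (empty if benign)."""
    return [why for grp, res, verb, why in RISKY_PATTERNS
            if _covers(rule.api_groups, grp) and _covers(rule.resources, res) and _covers(rule.verbs, verb)]

def roles_from_documents(docs):
    """Build Role objects from parsed YAML documents; unwraps `kind: List`, skips other kinds."""
    roles = []
    for doc in docs:
        if not isinstance(doc, dict):
            continue  # an empty document (e.g. after a trailing '---') loads as None
        items = (doc.get("items") or []) if doc.get("kind") == "List" else [doc]
        roles += [Role.from_dict(i) for i in items
                  if isinstance(i, dict) and i.get("kind") in ("Role", "ClusterRole")]
    return roles

def parse_yaml_text(text):
    """Parse '---'-separated YAML documents into Role objects (needs PyYAML)."""
    if yaml is None:
        raise RuntimeError("PyYAML is required to parse YAML text (pip install pyyaml)")
    return roles_from_documents(yaml.safe_load_all(text))

def scan_roles(roles):
    """Map each risky role's 'kind/namespace/name' key to its de-duplicated reasons; benign roles are omitted."""
    findings = {}
    for role in roles:
        reasons = []
        for rule in role.rules:
            reasons += [why for why in risky_reasons(rule) if why not in reasons]
        if reasons:
            findings[f"{role.kind}/{role.namespace or '-'}/{role.name}"] = reasons
    return findings

# Constructed sample manifest (not from any real cluster), used when no file path is given.
SAMPLE_YAML = """\
kind: ClusterRole
metadata: {name: example-admin}
rules: [{apiGroups: ["*"], resources: ["*"], verbs: ["*"]}]
---
kind: Role
metadata: {name: secret-reader, namespace: dev}
rules: [{apiGroups: [""], resources: [secrets], verbs: [get, list]}]
---
kind: Role
metadata: {name: configmap-viewer, namespace: dev}
rules: [{apiGroups: [""], resources: [configmaps], verbs: [get, list, watch]}]
"""

if __name__ == "__main__":
    import sys
    text = open(sys.argv[1], encoding="utf-8").read() if len(sys.argv) > 1 else SAMPLE_YAML
    for key, reasons in scan_roles(parse_yaml_text(text)).items():
        print(key + ": " + "; ".join(reasons))
```

Run it with a path to an exported manifest (`python static_scan.py roles.yaml`) or with no argument to scan the embedded sample; the wildcard ClusterRole and the secret-reading Role are reported, the configmap viewer is not. The matching deliberately treats a `*` in any of apiGroups, resources or verbs as covering every pattern value, so a rule such as `verbs: ["*"]` on `secrets` is still flagged even though it never spells out `get`.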

Hi @aasyria,

Thank you for your suggestion, this is a great idea, like an offline scan.
I will need to see how we can do it because this is something that will require time.

Meanwhile, we have another tool called "kubernetes-rbac-audit" which works on offline roles; this is, I think, exactly what you need.
Please see if this provides you a workaround for now.

Yes, something like this.
You can just try to merge both tools together.