Kubernetes RBAC can really get complicated quickly, and I'm on the hunt for an easy way to find some answers like:
- Who can do what?
- Who has excessive permissions?
- Who has access to secrets?
Are there any lightweight tools out there that you would recommend, whether they have a UI or are command-line based? Or is it more common for teams to just rely on kubectl along with manifests? Any suggestions would be greatly appreciated!
3 Answers
Check out this tool: [kubectl-who-can](https://github.com/aquasecurity/kubectl-who-can). However, it doesn't really scale well for bigger clusters and lacks proper visualization.
I've found that k9s displays a nice table view that can help with RBAC visibility. It's pretty clean if you're looking for some organization! But keep in mind, it might not cover every compliance aspect well.
If you're interested, I can share some scripts that can help you analyze permissions in your cluster. They can give you insights into your RBAC setup specifically.
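
The "who has access to secrets?" question can also be answered offline from exported RBAC objects. The sketch below is an added example, not code from any of the answers above or from the tools they mention; it assumes the objects were exported with `kubectl get roles,clusterroles,rolebindings,clusterrolebindings -A -o json`, and the sample objects and the names `rule_allows`, `who_can` and `SAMPLE` are constructed for illustration.

```python
import json

def rule_allows(rule, verb, resource, group=""):
    """True if one RBAC PolicyRule grants `verb` on `resource` ("*" is a wildcard).
    resourceNames restrictions are ignored, so results may over-report."""
    def hit(values, wanted):
        return "*" in values or wanted in values
    return (hit(rule.get("apiGroups", []), group)
            and hit(rule.get("resources", []), resource)
            and hit(rule.get("verbs", []), verb))

def who_can(items, verb, resource, group=""):
    """Return sorted (subject, scope) pairs granted `verb` on `resource`."""
    roles = {}
    for obj in items:
        if obj["kind"] in ("Role", "ClusterRole"):
            meta = obj["metadata"]
            roles[(obj["kind"], meta.get("namespace", ""), meta["name"])] = obj.get("rules") or []
    found = set()
    for obj in items:
        if obj["kind"] not in ("RoleBinding", "ClusterRoleBinding"):
            continue
        ref, bind_ns = obj["roleRef"], obj["metadata"].get("namespace", "")
        # A Role lives in the binding's namespace; a ClusterRole has no namespace.
        role_ns = bind_ns if ref["kind"] == "Role" else ""
        rules = roles.get((ref["kind"], role_ns, ref["name"]), [])
        if not any(rule_allows(r, verb, resource, group) for r in rules):
            continue
        # A RoleBinding limits even a ClusterRole to the binding's own namespace.
        scope = "cluster-wide" if obj["kind"] == "ClusterRoleBinding" else "namespace/" + bind_ns
        for s in obj.get("subjects") or []:
            name = s["name"]
            if s["kind"] == "ServiceAccount":
                name = s.get("namespace", bind_ns) + "/" + name
            found.add((s["kind"] + ":" + name, scope))
    return sorted(found)

# Constructed sample, shaped like the "items" list of `kubectl get ... -o json`.
SAMPLE = json.loads("""{"items": [
 {"kind":"ClusterRole","metadata":{"name":"admin-all"},"rules":[{"apiGroups":["*"],"resources":["*"],"verbs":["*"]}]},
 {"kind":"ClusterRole","metadata":{"name":"secret-reader"},"rules":[{"apiGroups":[""],"resources":["secrets"],"verbs":["get","list"]}]},
 {"kind":"Role","metadata":{"name":"pod-viewer","namespace":"dev"},"rules":[{"apiGroups":[""],"resources":["pods"],"verbs":["get"]}]},
 {"kind":"ClusterRoleBinding","metadata":{"name":"ops-admin"},"roleRef":{"kind":"ClusterRole","name":"admin-all"},"subjects":[{"kind":"Group","name":"ops"}]},
 {"kind":"RoleBinding","metadata":{"name":"ci-secrets","namespace":"dev"},"roleRef":{"kind":"ClusterRole","name":"secret-reader"},"subjects":[{"kind":"ServiceAccount","name":"ci","namespace":"dev"}]},
 {"kind":"RoleBinding","metadata":{"name":"alice-pods","namespace":"dev"},"roleRef":{"kind":"Role","name":"pod-viewer"},"subjects":[{"kind":"User","name":"alice"}]}
]}""")["items"]

if __name__ == "__main__":
    for subject, scope in who_can(SAMPLE, "get", "secrets"):
        print(subject, scope)
```

Subjects that reach secrets only through a wildcard rule, like the constructed `ops` group here, are the usual candidates for the "excessive permissions" question.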
