I've come across a security finding that recommends not assigning 'bind', 'escalate', or 'impersonate' permissions to principals. The highlighted roles here are 'admin' and 'edit.' I'm considering removing these roles altogether and switching to custom roles that grant specific privileges instead. However, I'm still new to Kubernetes and worried about the impact of removing these roles. Would this make things harder for us in the future? Is this a standard best practice to follow? Thanks in advance!
2 Answers
I wouldn't recommend deleting the 'admin' role. It's really not necessary, since you can just avoid binding it and create a custom role instead.
It's definitely a best practice to minimize permissions. Creating custom roles is the way to go. Just make sure you thoroughly test those before actually removing the 'admin' and 'edit' roles. And if your devs have admin permissions, it might be worth limiting those or using a 'break glass' approach.
Thanks for the advice! I like the idea of custom roles with least privilege, but wasn't sure if deleting the 'admin' role would cause major issues, kind of like removing 'root' from Linux. Appreciate the help!
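To see what depends on a role before unbinding it, as the answers suggest, the sketch below lists every subject bound to a role that grants 'bind', 'escalate' or 'impersonate'. It is an added example, not part of the original thread; the role names, namespaces and subjects in the sample are constructed, and the verb-to-resource mapping is a simplification that ignores apiGroups and subresources.

```python
# Added example: flag bound roles that grant bind / escalate / impersonate.
RISKY = {  # verb -> resources it is meaningful on (simplified assumption)
    "bind": {"roles", "clusterroles"},
    "escalate": {"roles", "clusterroles"},
    "impersonate": {"users", "groups", "serviceaccounts", "uids"},
}

def risky_verbs(rule):
    """Risky verbs a single RBAC rule grants, honouring '*' wildcards."""
    verbs, res = set(rule.get("verbs", [])), set(rule.get("resources", []))
    return {v for v, targets in RISKY.items()
            if (v in verbs or "*" in verbs) and ("*" in res or res & targets)}

def audit(items):
    """Return sorted (subject, scope, role, verbs) for each binding to a risky role."""
    roles, findings = {}, []
    for it in items:
        if it["kind"] in ("ClusterRole", "Role"):
            found = set().union(*(risky_verbs(r) for r in it.get("rules") or []))
            if found:
                meta = it["metadata"]
                roles[(it["kind"], meta.get("namespace", ""), meta["name"])] = found
    for it in items:
        if it["kind"] not in ("ClusterRoleBinding", "RoleBinding"):
            continue
        ref, ns = it["roleRef"], it["metadata"].get("namespace", "")
        # A RoleBinding may reference a namespaced Role or a ClusterRole.
        key = (ref["kind"], ns if ref["kind"] == "Role" else "", ref["name"])
        for s in it.get("subjects") or []:
            if key in roles:
                findings.append((f'{s["kind"]}/{s["name"]}', ns or "<cluster>",
                                 ref["name"], tuple(sorted(roles[key]))))
    return sorted(findings)

# Constructed sample, shaped like the "items" list from
# `kubectl get clusterroles,roles,clusterrolebindings,rolebindings -A -o json`
SAMPLE = [
    {"kind": "ClusterRole", "metadata": {"name": "edit-like"}, "rules": [{"verbs": ["impersonate"], "resources": ["serviceaccounts"]}]},
    {"kind": "ClusterRole", "metadata": {"name": "deploy-only"}, "rules": [{"verbs": ["get", "list", "update"], "resources": ["deployments"]}]},
    {"kind": "Role", "metadata": {"name": "wild", "namespace": "dev"}, "rules": [{"verbs": ["*"], "resources": ["*"]}]},
    {"kind": "RoleBinding", "metadata": {"name": "b1", "namespace": "team-a"}, "roleRef": {"kind": "ClusterRole", "name": "edit-like"}, "subjects": [{"kind": "User", "name": "alice"}]},
    {"kind": "RoleBinding", "metadata": {"name": "b2", "namespace": "team-a"}, "roleRef": {"kind": "ClusterRole", "name": "deploy-only"}, "subjects": [{"kind": "ServiceAccount", "name": "ci"}]},
    {"kind": "RoleBinding", "metadata": {"name": "b3", "namespace": "dev"}, "roleRef": {"kind": "Role", "name": "wild"}, "subjects": [{"kind": "Group", "name": "devs"}]},
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Against a real cluster, pass the parsed `items` list from the kubectl command in the comment to `audit()`; subjects it reports are the ones to move onto a custom role first.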