Risks

How to Secure Kubernetes with RBAC and Avoid Risks with kubectl

Beyond RBAC: Additional Security Measures

RBAC in Kubernetes is only cumulative, i.e., you can only whitelist. Further, certain commands are not containable with RBAC, e.g.

kubectl config view 
kubectl cluster-info

Both commands give essential information about the cluster.

The most "dangerous" commands are:

kubectl get cm -n kube-system

The whole configfiles (zm the kubelet- or kubeadmconfig) are configmaps and are therefore visible.

kubectl cluster-info #not advisable!
#Provides every information about the cluster
kubectl config <Verb>

Gives either insight to the clusterconfig, allows to edit or change the contexts or create them.

kubectl delete <Verb>

Deletes Kubernetes objects

Here it must be clearly defined who is allowed to control what and to what extent with kubectl. This is done with RBAC, but it does not hurt to additionally exclude commands such as "kubectl verb", its corresponding ClusterRoles and Roles, including Bindings, kubectl config view, kubectl config verb context etc. just to be extra sure. 


follow these measures

Any Questions?

Please feel free to contact us for any question that is not answered yet. 

We are looking forward to get in contact with you!

Newsletter

Design Escapes

KubeOps GmbH
Hinter Stöck 17
72406 Bisingen
Germany

  • Telefon:

    +49 7433 93724 90

  • Mail:

    This email address is being protected from spambots. You need JavaScript enabled to view it.

Download Area
Certified as

KubeOps GmbH is the owner of the Union trademark KubeOps with the registration number 018305184. 

© KubeOps GmbH. All rights reserved. Subsidiary of