Beyond RBAC: Additional Security Measures
RBAC in Kubernetes is purely additive, i.e., rules can only grant permissions (whitelist); there is no way to deny. Further, certain commands cannot be contained with RBAC at all, e.g., kubectl config view and kubectl cluster-info. Both commands reveal essential information about the cluster.
The most "dangerous" commands are those that:
- Read config maps: the complete config files (e.g., the kubelet or kubeadm config) are stored as config maps and are therefore visible.
- Work on the kubeconfig: this gives insight into the cluster config and allows contexts to be edited, changed or created.
- Delete Kubernetes objects.
Here it must be clearly defined who is allowed to control what, and to what extent, with kubectl. This is done with RBAC, but it does not hurt to additionally block specific commands regardless of RBAC, such as kubectl "verb" sa, kubectl "verb" on ClusterRoles and Roles including their Bindings, kubectl config view, kubectl config "verb" context, etc.
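Defining "who may control what" starts with knowing which RBAC rules already grant the dangerous capabilities named above. The following audit script is an added example, not code from the original page or from any Kubernetes project: it takes Role/ClusterRole objects in the JSON form that kubectl get -o json emits and flags rules that allow reading config maps or secrets, deleting objects, or modifying RBAC and service-account objects. The sample manifests embedded in it are constructed for the example, and the severity classes (SENSITIVE_READ, RBAC_RESOURCES, DESTRUCTIVE_VERBS) are this script's own assumptions, not an official Kubernetes categorization.

```python
"""Audit Kubernetes Role/ClusterRole manifests for over-broad permissions.

Added example (not from the original page). Input is the JSON that
`kubectl get roles,clusterroles -A -o json` would produce; here a
constructed sample is embedded so the script runs offline.
"""
import json

# Assumed classification for this example: resources whose read access
# exposes cluster configuration or credentials (configmaps hold the
# kubelet/kubeadm config; secrets hold tokens and certificates).
SENSITIVE_READ = {"configmaps", "secrets"}
# Resources that control authorization itself.
RBAC_RESOURCES = {"roles", "rolebindings", "clusterroles",
                  "clusterrolebindings", "serviceaccounts"}
DESTRUCTIVE_VERBS = {"delete", "deletecollection"}
READ_VERBS = {"get", "list", "watch"}
WRITE_VERBS = {"create", "update", "patch", "delete", "deletecollection"}


def audit_rule(rule):
    """Return a list of finding strings for a single RBAC rule dict."""
    findings = []
    verbs = set(rule.get("verbs", []))
    resources = set(rule.get("resources", []))
    all_verbs = "*" in verbs
    if all_verbs and "*" in resources:
        # Nothing more specific to say: this is cluster-admin equivalent.
        return ["wildcard verbs on wildcard resources (cluster-admin equivalent)"]
    if "*" in resources:
        findings.append(f"wildcard resources with verbs {sorted(verbs)}")
    if all_verbs or verbs & DESTRUCTIVE_VERBS:
        for res in sorted(resources):
            findings.append(f"can delete {res}")
    if all_verbs or verbs & READ_VERBS:
        for res in sorted(resources & SENSITIVE_READ):
            findings.append(f"can read {res} (cluster config/credentials)")
    if (all_verbs or verbs & WRITE_VERBS) and resources & RBAC_RESOURCES:
        findings.append("can modify RBAC/service-account objects: "
                        f"{sorted(resources & RBAC_RESOURCES)}")
    return findings


def audit_manifests(items):
    """Map 'Kind/name' -> findings for every Role/ClusterRole in items."""
    report = {}
    for obj in items:
        if obj.get("kind") not in ("Role", "ClusterRole"):
            continue
        key = f"{obj['kind']}/{obj['metadata']['name']}"
        findings = []
        for rule in obj.get("rules", []):
            findings.extend(audit_rule(rule))
        report[key] = findings
    return report


def audit_json(text):
    """Audit a kubectl JSON List (or a single object) given as text."""
    doc = json.loads(text)
    items = doc["items"] if doc.get("kind") == "List" else [doc]
    return audit_manifests(items)


# Constructed sample input: three objects with different risk levels.
SAMPLE_JSON = json.dumps({
    "kind": "List",
    "items": [
        {"kind": "ClusterRole", "metadata": {"name": "too-broad"},
         "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]},
        {"kind": "Role", "metadata": {"name": "config-reader",
                                      "namespace": "kube-system"},
         "rules": [{"apiGroups": [""], "resources": ["configmaps"],
                    "verbs": ["get", "list"]}]},
        {"kind": "Role", "metadata": {"name": "rbac-editor",
                                      "namespace": "default"},
         "rules": [{"apiGroups": ["rbac.authorization.k8s.io", ""],
                    "resources": ["rolebindings", "serviceaccounts"],
                    "verbs": ["create", "delete"]}]},
        {"kind": "Role", "metadata": {"name": "pod-reader",
                                      "namespace": "default"},
         "rules": [{"apiGroups": [""], "resources": ["pods"],
                    "verbs": ["get", "list"]}]},
    ],
})

if __name__ == "__main__":
    for name, findings in audit_json(SAMPLE_JSON).items():
        status = "OK" if not findings else "REVIEW"
        print(f"{status:6} {name}")
        for finding in findings:
            print(f"         - {finding}")
```

Pipe real output into audit_json (for example, the text of kubectl get roles,clusterroles -A -o json) to get the same report for a live cluster; a Role that only reads pods produces no findings, while any rule touching the resources listed above is surfaced for review against the access definition described in the text.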