Risks

How to Secure Kubernetes with RBAC and Avoid Risks with kubectl

Beyond RBAC: Additional Security Measures

RBAC in Kubernetes is only cumulative, i.e., you can only whitelist. Further, certain commands are not containable with RBAC, e.g., kubectl config view and kubectl cluster-info. Both commands give essential information about the cluster.

 

The most "dangerous" commands are:

  • kubectl get cm -n kube-system:

The whole configfiles (zm the kubelet- or kubeadmconfig) are configmaps and are therefore visible.

 

  • kubectl cluster-info (dumb):
  • Gives all information about the cluster
  • kubectl config <Verb>:

Gives either insight to the clusterconfig, allows to edit or change the contexts or create them.

 

  • kubectl delete <Verb>:

Deletes Kubernetes objects

 

Here it must be clearly defined who is allowed to control what and to what extent with kubectl. This is done with RBAC, but it does not hurt to include specific commands like kubectl "verb" sa, kubectl "verb" ClusterRoles and Roles including Bindings, kubectl config view, kubectl config "verb" context etc. In general, to prevent, regardless of RBAC.

follow these measures

Any Questions?

Please feel free to contact us for any question that is not answered yet. 

We are looking forward to get in contact with you!

Newsletter

Design Escapes

KubeOps GmbH
Hinter Stöck 17
72406 Bisingen
Germany

  • Telefon:

    +49 7433 93724 00

  • Mail:

    This email address is being protected from spambots. You need JavaScript enabled to view it.

Legal

Download Area

Certified as

KubeOps GmbH is the owner of the Union trademark KubeOps with the registration number 018305184. 

© KubeOps GmbH. All rights reserved. Subsidiary of

KubeOps is certified as