[EPIC] Expand base commands set #10
Labels
CLI
Command line related
Comments
This was referenced Mar 9, 2020
Open
Open
marcinc
changed the title
marcinc
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This is to cover further RBAC inspection. The list below is just an indicator and some ideas around how to make it come complete (individual commands will link to separate issues):
unused- "unused" command #11 - Unused ClusterRole, ClusterRoleBinding, Role, RoleBindingmulti-binding- "multi-binding" command #12 - Show all roles for given subject and highlight those with multiple bindings for the same role.risky-roles- "risky-roles" command #13 - List Roles/ClusterRoles for Subject (user, group or service account) with a SCOPE (Cluster-Wide/NS)risky-subjects- "risky-subjects" command #14 - Identify risky Subjects (Users, Groups and ServiceAccounts)roles- "roles" command #15 - List Roles/ClusterRoles for Subject (user, group or service account) with a SCOPE (Cluster-Wide/NS). Alternatively split command intousers/serviceaccounts/groups?permissions- "permissions" command #16 - List Rules (compiled permissions) for given Subject (user, group, sa) in scanned Kubernetes cluster - scoped by Cluster-Wide/NS?The text was updated successfully, but these errors were encountered: