search

PaloAltoNetworks / rbac-police

Evaluate the RBAC permissions of Kubernetes identities through policies written in Rego
https://www.paloaltonetworks.com/resources/whitepapers/kubernetes-privilege-escalation-excessive-permissions-in-popular-platforms
MIT License
339 stars 35 forks source link

Add `--zoom` flag which expands the permissions of a specific identity #14

Closed yuvalavra closed 2 years ago

yuvalavra commented 2 years ago

Add --zoom flag which expands the permissions of a specific identity.

Usage:

./rbac-police expand -z sa=kube-system:metrics-server
./rbac-police expand -z user=example@email.com