feat: Add ability to control RBAC within a member's namespace #2
Loading…
Reference in New Issue
No description provided.
Delete Branch "ztseguin/manifests:feat-ns-rbac"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
See https://kubernetes.io/docs/reference/access-authn-authz/rbac/#privilege-escalation-prevention-and-bootstrapping for how Kubernetes prevents privilege escalation with this.
This is important for creating restricted permissions within the namespace for application components - in particular those that require API server access.