By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Forbid use of kubectl commands

0

So, we need to meet PCI DSS requirements. Some of requirements force use of individual users for changing/modifying anything inside of the environment. Because i was not able to find possibility to do so for running kubectl commands, i want just to forbid any use of kubectl commands, how can i do this?

Thanks

Topics
Security, Identity, & ComplianceManagement & GovernanceContainers
Tags
Security, Identity, & ComplianceAWS Command Line InterfaceAmazon Elastic Kubernetes ServiceAWS Account Management
Language
English
Joann Babak
asked a year ago245 views
1 Answer
1
Accepted Answer

To forbid use for certain commands / manage access for users, you should look into RBAC which includes role binding at diff levels ie cluster and namespace levels. Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/

RBAC should help you with what you require but needs a careful reading :)

--Syd

profile picture
Syd
answered a year ago
profile pictureAWS
EXPERT
Toni_S
reviewed a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content