Forbid use of kubectl commands

0

So, we need to meet PCI DSS requirements. Some of requirements force use of individual users for changing/modifying anything inside of the environment. Because i was not able to find possibility to do so for running kubectl commands, i want just to forbid any use of kubectl commands, how can i do this?

Thanks

主題

安全性、身分識別與合規管理與治理容器

標籤

安全性、身分識別與合規 AWS Command Line Interface Amazon Elastic Kubernetes Service AWS Account Management

語言

English

已提問 1 年前檢視次數 253 次

1 個回答

最新
最多得票
最多評論

1

已接受的答案

To forbid use for certain commands / manage access for users, you should look into RBAC which includes role binding at diff levels ie cluster and namespace levels. Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/

RBAC should help you with what you require but needs a careful reading :)

--Syd

已回答 1 年前

專家

已審閱 1 年前

相關內容

amazon polly使用字數異常增加(The characters increased for no reason)
ys_1004
已提問 10 個月前
Application Load Balancer 在什麼時候會向後端建立新的連線
已接受的答案
Luke W
已提問 5 個月前
[Glue Studio] Data target 選了 partition key，執行 job 卻說 Partition column not found in schema
anderson
已提問 9 個月前
[AWS Glue]context.py:79: FutureWarning: Deprecated in 3.0.0. Use SparkSession.builder.getOrCreate() instead
已接受的答案
Cole
已提問 1 年前
如何解決 Amazon ECS 中的「[AWS service] was unable to place a task because no container instance met all of its requirements」錯誤？
AWS 官方已更新 1 年前
如何解決 AWS Organizations 的錯誤 "You have exceeded the allowed number of AWS accounts." (您已超過允許的 AWS 帳戶數。)？
AWS 官方已更新 1 年前
嘗試透過電話驗證 AWS 帳戶時，如何解決 "maximum number of failed attempts（已達到失敗嘗試次數上限）" 錯誤？
AWS 官方已更新 2 年前
當我嘗試將複本新增至 Amazon DynamoDB 全域表時，如何疑難排解 "Cannot create a replica of table (無法建立資料表複本)" 的錯誤？
AWS 官方已更新 2 年前