A site dedicated to collecting good practices and tooling around Kubernetes RBAC. Both pull requests and issues are welcome.
Official Kubernetes docs
Talks and articles
Generators and operators
- liggitt/audit2rbac: takes a Kubernetes audit log and username as input, and generates RBAC role and binding objects that cover all the API requests made by that user.
- reactiveops/rbac-manager: operator that supports declarative configuration for RBAC with new custom resources.