cyberneticlibrary

Audit and enforce Kubernetes RBAC

k8s-security skill setup L4908
rohitg00/kubectl-mcp-server
What it does

Audit Kubernetes RBAC, network policies, and policy compliance across a cluster.

Best for

Finding which service accounts have admin access and enforcing a no-wildcards policy before production.

Inputs
  • RBAC role/rolebinding queries
  • network policy matchers
  • policy constraints list
Outputs
  • RBAC permission matrix
  • policy violation report
  • network isolation status
Requires
  • kubectl
  • Kyverno/Gatekeeper (optional)
  • Cilium (optional)
Preconditions
  • Kubernetes cluster access
  • appropriate kubeconfig context
Failure modes
  • overly broad cluster-admin bindings not flagged
  • secrets access not audited
  • wildcard verbs not detected
  • policy reports missing
Trust signals
  • 10-tool suite with RBAC+policy+network focus
  • cluster-admin check as priority 1
  • threat matrix table included
  • automation script referenced