Kubernetes RBAC - Aqua https://www.aquasec.com/tag/kubernetes-rbac/ Cloud Native Security, Container Security & Serverless Security Mon, 15 Jul 2024 08:21:24 +0000 en-US hourly 1 https://wordpress.org/?v=6.5.5 First-Ever Attack Leveraging Kubernetes RBAC to Backdoor Clusters https://www.aquasec.com/blog/leveraging-kubernetes-rbac-to-backdoor-clusters/ Fri, 21 Apr 2023 09:59:09 +0000 https://www.aquasec.com/?p=14426 First-Ever Attack Leveraging Kubernetes RBAC to Backdoor ClustersWe have recently discovered the first-ever evidence that attackers are exploiting Kubernetes (K8s) Role-Based Access Control (RBAC) in the wild to create backdoors. The attackers also deployed DaemonSets to take over and hijack resources of the K8s clusters they attack. Our research suggests that this campaign is actively targeting at least 60 clusters in the …]]> Kubernetes RBAC: How to Avoid Privilege Escalation via Certificate Signing https://www.aquasec.com/blog/kubernetes-rbac-privilige-escalation/ Wed, 06 Apr 2022 09:30:00 +0000 https://www.aquasec.com/?p=14889 Kubernetes RBAC: How to Avoid Privilege Escalation via Certificate SigningFollowing on from our previous post on the risks of privilege escalation in Kubernetes via the node/proxy resource, we’re going to take a look at how users who have rights to the certificate signing request (CSR) API in Kubernetes might be able to use them to escalate their privileges in a cluster. In addition to …]]> Privilege Escalation from Node/Proxy Rights in Kubernetes RBAC https://www.aquasec.com/blog/privilege-escalation-kubernetes-rbac/ Thu, 03 Mar 2022 11:30:00 +0000 https://www.aquasec.com/?p=14960 Privilege Escalation from Node/Proxy Rights in Kubernetes RBACOne of the side effects of Kubernetes’ rich API and extensive functionality is that sometimes there are security implications to granting users permissions. Security architects should be aware of these side effects when designing platforms that use Kubernetes. In recent research with Iain Smart of NCC Group, we looked at how granting rights to node/proxy …]]> RBAC Virtual Verbs: Teaching Kubernetes to Educate Dolphins https://www.aquasec.com/blog/kubernetes-verbs/ Mon, 31 Jan 2022 15:30:00 +0000 https://www.aquasec.com/?p=14985 RBAC Virtual Verbs: Teaching Kubernetes to Educate DolphinsKubernetes’ role-based access control (RBAC) system is a cornerstone of cluster security. Most clusters use RBAC to determine which users have access to specific operations, and its core elements are well covered in the Kubernetes documentation. However, there are some less well-known features that could be relevant when creating or using tools designed to ensure …]]>