Files
Anthropic-Cybersecurity-Skills/skills/auditing-kubernetes-rbac-permissions.bak/references/workflows.md
T
mukul975 c47eed6a64 Production hardening: security fixes, code quality, 724 skills complete
- Fix 25 shell=True subprocess calls with list-based commands
- Fix 49 verify=False in defensive skills (env-var override)
- Add timeout to 231 HTTP/subprocess/socket calls
- Fix 6 SQL injection patterns with whitelist validation
- Replace 8 __import__() with standard imports
- Remove 701 unused imports across 442 files
- Add authorized-testing disclaimers to all offensive skills
- Complete 11 incomplete skill directories
- Expand 10 stub SKILL.md files with full content
- Fix 2 YAML parse errors in frontmatter
- Fix 5 pre-existing syntax errors
- Convert 22 hardcoded paths/ports to environment variables
- Back up 21 redundant skill pairs to .bak
- Fix 2 global declaration errors
- 724/724 skills with full folder anatomy (SKILL.md + agent.py + api-reference.md + LICENSE)
- 0 compile errors across all 724 agent.py files
2026-03-19 13:26:49 +01:00

2.0 KiB

Workflows - RBAC Auditing

Workflow 1: Comprehensive RBAC Audit

[Export all RBAC] --> [Identify cluster-admin bindings] --> [Check wildcard permissions]
       |                       |                                    |
       v                       v                                    v
  kubectl get all      Flag non-system                    Flag * verbs, * resources
  RBAC resources       cluster-admin users                Find excessive permissions
       |                       |                                    |
       +----------+------------+------------------------------------+
                  |
                  v
       [Check service account permissions]
                  |
                  v
       [Identify privilege escalation paths]
                  |
                  v
       [Generate remediation report]

Workflow 2: Least Privilege Implementation

Step 1: Inventory current permissions per team/service
Step 2: Document actual required operations
Step 3: Create minimal Role/ClusterRole
Step 4: Test with auth can-i dry-run
Step 5: Apply new bindings
Step 6: Remove overly permissive bindings
Step 7: Validate with automated audit

Workflow 3: Continuous RBAC Monitoring

# CronJob for weekly RBAC audit
apiVersion: batch/v1
kind: CronJob
metadata:
  name: rbac-audit
spec:
  schedule: "0 2 * * 1"  # Weekly Monday 2am
  jobTemplate:
    spec:
      template:
        spec:
          containers:
          - name: audit
            image: bitnami/kubectl:latest
            command:
            - /bin/sh
            - -c
            - |
              kubectl get clusterrolebindings -o json | jq '.items[] | select(.roleRef.name=="cluster-admin") | .metadata.name' > /audit/cluster-admin-bindings.txt
              kubectl get clusterroles -o json | jq '.items[] | select(.rules[]? | (.verbs | index("*")) and (.resources | index("*"))) | .metadata.name' > /audit/wildcard-roles.txt
          restartPolicy: Never