creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-15 23:44:56 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
d5f3fa32486ea335db802d68fe2147fa2da69583
Anthropic-Cybersecurity-Skills/skills/implementing-rbac-hardening-for-kubernetes/references/workflows.md
T

708 B
Raw Blame History

Workflows - RBAC Hardening

Hardening Workflow

  1. Audit all existing ClusterRoleBindings and RoleBindings
  2. Identify overprivileged accounts (cluster-admin sprawl)
  3. Create namespace-scoped Roles with minimum required permissions
  4. Migrate workloads to dedicated service accounts
  5. Disable automountServiceAccountToken on default service accounts
  6. Integrate OIDC for user authentication
  7. Deploy RBAC monitoring and alerting
  8. Schedule quarterly RBAC reviews

Continuous Compliance

  • Weekly: automated RBAC audit with rbac-lookup
  • Monthly: review new RoleBindings created in past 30 days
  • Quarterly: full access review with stakeholder sign-off
  • Annually: penetration test RBAC boundaries
Reference in New Issue View Git Blame Copy Permalink