cryostat-operator icon indicating copy to clipboard operation
cryostat-operator copied to clipboard

Published 20 hours ago verified publisher icon cryostatio

RBAC audit

Open andrewazores opened this issue 1 year ago • 1 comments

ex. https://github.com/cryostatio/cryostat-operator/blob/53b69d21cd90afce5d2a8b9a91cd6f518d595f6e/config/rbac/role.yaml#L20

The RBAC verbs should be explicitly listed out for each permission, rather than wildcarded.

andrewazores avatar Sep 13 '24 14:09 andrewazores

I think there are also some unused permissions. I don't think we need oauthaccesstokens or selfsubjectaccessreviews for the OAuth Proxy.

ebaron avatar Sep 13 '24 15:09 ebaron