Yuval Avrahami

Thanks for the quick response! My use case for this is to take the output from `rakkess for $resource`, specifically the service accounts, to then search for pods assigned those...

Consider the following scenario: * An attacker who compromised a rkt pod wishes to compromise the host * The attacker substitutes `/bin/bash` inside the container with a malicious binary *...

This policy would deny all usage of LoadBalancers IPs, which may be a bit too restrictive. Consider adding a whitelist option through an allowedUsers parameter. Something similar is done in...

@AbirHamzi The service controller is able to assign a Load Balancer IP because template.yaml misses the first assignment of a Load Balancer IP. You can verify that by patching the...

Done via #8, use `--local-dir ` to run in offline mode. You can use [utils/get_cluster_data.sh](https://github.com/PaloAltoNetworks/rbac-police/blob/25dd22ad512ec33650a1cc650db7d4c633fd239c/utils/get_cluster_data.sh) to get the data needed for an offline run