Create a less-privileged user in Kubernetes using RBAC for kubectl

Role-Based Access Control (“RBAC”) is a mechanism for controlling access to the Kubernetes API, and since its beta in 1.6, many Kubernetes clusters and provisioning strategies have enabled it by default.

By default, any user in an environment running Kubernetes has access to all the resources within Kubernetes. Enabling Kubernetes RBAC allows owners of environments to restrict access to the various resources within Kubernetes to specific users in the environment. Kubernetes 1.8 represents a significant milestone for the role-based access control (RBAC) authorizer, which was promoted to GA in this release.


Better support for user objects in the Kubernetes API is still in the pipeline. The easiest way to create a user right now is a service account.

kubectl apply -f rbac.yml

Save the following content in rbac.yml and run the above command.
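A manifest of the kind this step describes, as an added example and not the author's own rbac.yml: a service account bound to a namespaced, read-only Role. The namespace `dev`, the account name `restricted-user`, and the resource list are assumptions chosen for illustration.

```yaml
# Added example: hypothetical names (namespace "dev", account "restricted-user").
apiVersion: v1
kind: Namespace
metadata:
  name: dev
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: restricted-user
  namespace: dev
---
# A Role is namespaced, so it grants nothing outside "dev".
# No wildcards, no write verbs, and no access to secrets.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: restricted-user-read
  namespace: dev
rules:
  - apiGroups: [""]
    resources: ["pods", "pods/log", "services", "configmaps"]
    verbs: ["get", "list", "watch"]
  - apiGroups: ["apps"]
    resources: ["deployments", "replicasets"]
    verbs: ["get", "list", "watch"]
---
# RoleBinding (not ClusterRoleBinding) keeps the grant scoped to "dev".
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: restricted-user-read
  namespace: dev
subjects:
  - kind: ServiceAccount
    name: restricted-user
    namespace: dev
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: restricted-user-read
# Check the result after applying (expected answers: yes, then no):
#   kubectl auth can-i list pods -n dev --as=system:serviceaccount:dev:restricted-user
#   kubectl auth can-i get secrets -n dev --as=system:serviceaccount:dev:restricted-user
```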

Now create the config file using the following:


