Tag: cluster-admin

Kubernetes RBAC Over-Permissioning: Finding and Fixing cluster-admin Sprawl

cluster-admin bindings are the sudo of Kubernetes — they bypass all RBAC controls, and in most production clusters, they are assigned to more subjects than anyone realizes.

January 27, 2026