Kubernetes Dashboard RBAC security model

The Kubernetes Dashboard relies on Role-Based Access Control (RBAC) to manage permissions and secure access to the cluster.^[400-devops__06-Kubernetes__devops-helm__terraform-helm__helm__README.md] Proper configuration of the RBAC resources the chart creates is critical for the security of the cluster.^[400-devops__06-Kubernetes__devops-helm__terraform-helm__helm__README.md]

Helm chart configuration

The underlying Helm chart provides specific parameters to manage the creation and scope of RBAC resources.^[400-devops__06-Kubernetes__devops-helm__terraform-helm__helm__README.md]

Service Account

The chart creates a dedicated Service Account for the Dashboard pods by default, though this can be customized or disabled using the serviceAccount.create and serviceAccount.name values^[400-devops__06-Kubernetes__devops-helm__terraform-helm__helm__README.md].

Cluster Roles

The chart supports the creation of several ClusterRole resources to grant varying levels of access^[400-devops__06-Kubernetes__devops-helm__terraform-helm__helm__README.md]:

  • rbac.clusterRoleMetrics: Defaults to true. This creates an additional ClusterRole and RoleBinding specifically to allow the Dashboard to access metrics^[400-devops__06-Kubernetes__devops-helm__terraform-helm__helm__README.md].
  • rbac.clusterReadOnlyRole: Defaults to false. When enabled, this creates a ClusterRole with read-only permissions for resources listed within the configuration^[400-devops__06-Kubernetes__devops-helm__terraform-helm__helm__README.md].
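The following values file is an added example, not the chart's own values.yaml, showing the Service Account and ClusterRole settings described above set to their least-privilege form. Only the keys named on this page (serviceAccount.create, serviceAccount.name, rbac.clusterRoleMetrics, rbac.clusterReadOnlyRole) are taken from the chart; the Service Account name is an assumed placeholder.

```yaml
# Added example values for the Kubernetes Dashboard Helm chart (not the chart's own file).
# Keys below are the ones documented on this page; the account name is an assumption.

serviceAccount:
  create: true                  # chart default: a dedicated identity for the Dashboard pods
  name: kubernetes-dashboard    # assumed name; if left empty the chart derives one

rbac:
  clusterRoleMetrics: true      # chart default: extra ClusterRole for metrics access only
  clusterReadOnlyRole: false    # chart default: no cluster-wide read-only ClusterRole
  # rbac.clusterAdminRole no longer exists in the chart; a stale value here grants nothing.
```

Enabling rbac.clusterReadOnlyRole widens what the Dashboard can read cluster-wide, so it should be a deliberate choice for clusters where operators need that view, not a default.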

Security Hardening

To minimize security risks, the Helm chart enforces strict constraints on secret management and explicitly avoids overly permissive configurations^[400-devops__06-Kubernetes__devops-helm__terraform-helm__helm__README.md].

  • Least Privilege: It is highly recommended to configure RBAC with the minimal privileges required for the Dashboard to function^[400-devops__06-Kubernetes__devops-helm__terraform-helm__helm__README.md].
  • Secret Management: By default, the associated ServiceAccount does not have permission to create secrets^[400-devops__06-Kubernetes__devops-helm__terraform-helm__helm__README.md].
  • Removal of Cluster Admin: The clusterAdminRole parameter has been completely removed from the chart configuration because it was deemed too dangerous^[400-devops__06-Kubernetes__devops-helm__terraform-helm__helm__README.md].
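To verify that a proposed role really is least-privilege before it reaches a cluster, the matching rules of a Kubernetes RBAC PolicyRule can be evaluated offline. The script below is an added example, not code from the Dashboard project or its chart: it implements the standard RBAC semantics (apiGroups, resources and verbs, with "*" as a wildcard and optional resourceNames), and the read-only, metrics and admin rule sets are constructed samples in the spirit of the chart's rbac.clusterReadOnlyRole, rbac.clusterRoleMetrics and the removed clusterAdminRole, not the chart's rendered manifests.

```python
"""Offline evaluator for Kubernetes RBAC PolicyRules.

Added example (not the Dashboard project's code). It applies the additive,
deny-by-default matching used by the Kubernetes RBAC authorizer so that a
candidate ClusterRole can be audited against the requests it should and
should not permit. All rule sets below are constructed samples.
"""

from dataclasses import dataclass, field


@dataclass
class Rule:
    """One entry of a (Cluster)Role's `rules` list."""
    api_groups: list
    resources: list
    verbs: list
    resource_names: list = field(default_factory=list)


def _matches(values, wanted):
    # "*" in a rule matches any value of that attribute.
    return "*" in values or wanted in values


def rule_allows(rule, verb, group, resource, name=None):
    """True if a single PolicyRule permits `verb` on group/resource[/name]."""
    if not _matches(rule.verbs, verb):
        return False
    if not _matches(rule.api_groups, group):
        return False
    if not _matches(rule.resources, resource):
        return False
    if rule.resource_names and name not in rule.resource_names:
        return False  # resourceNames restricts the rule to the listed objects
    return True


def role_allows(rules, verb, group, resource, name=None):
    """RBAC is additive: any matching rule grants access, nothing denies."""
    return any(rule_allows(r, verb, group, resource, name) for r in rules)


def audit(rules, requests):
    """Map each (verb, group, resource) request to whether the role allows it."""
    return {req: role_allows(rules, *req) for req in requests}


def violations(rules, forbidden):
    """Return the forbidden (verb, group, resource) requests a role would permit."""
    return [req for req in forbidden if role_allows(rules, *req)]


READ_VERBS = ["get", "list", "watch"]

# Constructed read-only role, in the spirit of rbac.clusterReadOnlyRole.
READ_ONLY_RULES = [
    Rule(api_groups=[""], resources=["pods", "services", "configmaps"], verbs=READ_VERBS),
    Rule(api_groups=["apps"], resources=["deployments", "replicasets"], verbs=READ_VERBS),
]

# Constructed metrics role, in the spirit of rbac.clusterRoleMetrics.
METRICS_RULES = [
    Rule(api_groups=["metrics.k8s.io"], resources=["pods", "nodes"], verbs=READ_VERBS),
]

# Constructed name-scoped role: read one specific Secret, nothing else.
SA_SECRET_RULES = [
    Rule(api_groups=[""], resources=["secrets"], verbs=["get"],
         resource_names=["dashboard-example-secret"]),
]

# What the removed clusterAdminRole amounted to: everything, everywhere.
CLUSTER_ADMIN_RULES = [Rule(api_groups=["*"], resources=["*"], verbs=["*"])]

# Requests a least-privilege Dashboard role must not be able to make.
FORBIDDEN = [
    ("create", "", "secrets"),
    ("delete", "apps", "deployments"),
    ("create", "rbac.authorization.k8s.io", "clusterrolebindings"),
]


if __name__ == "__main__":
    for label, rules in [("read-only", READ_ONLY_RULES), ("metrics", METRICS_RULES),
                         ("cluster-admin", CLUSTER_ADMIN_RULES)]:
        print(f"{label}: violations = {violations(rules, FORBIDDEN)}")
```

Run as a script, it reports no violations for the read-only and metrics samples and all three for the admin sample; in a pipeline, `violations()` over the rules extracted from `helm template` output gives the same check against the chart's actual rendered ClusterRoles.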

Sources

^[400-devops__06-Kubernetes__devops-helm__terraform-helm__helm__README.md]