Permission Manager is an application developed by SIGHUP that enables a super-easy and user-friendly RBAC management for Kubernetes. If you are looking for a simple and intuitive way of managing your users within a Kubernetes cluster, this is the right place.
With Permission Manager, you can create users, assign namespaces/permissions, and distribute Kubeconfig YAML files via a nice&easy web UI.
Screenshots
Installation
To deploy and run the Permission Manager on your cluster, follow the installation guide
Development Setup
We love contributions from the community ❤️.
Learn how-to-contribute
How it works?
The application allows us to define and select permission standard templates (those defining who can do what, within a namespace or globally) and associate them with all the users you might want to create.
The template system is an abstraction over Cluster-Roles, RoleBinding, and ClusterRolesBindigs.
Do we plan to use CRD’s and custom labels? Sure, it’s in the product roadmap.
What is a template?
A template is a ClusterRole with a prefix
template-namespaced-resources___
for example template-namespaced-resources___developer
Why a template is not a CRD?
When we started the development of this project, a template was one-to-one to a clusterrole
, the usage of a CRD looked overkill. This will obviously change in future to avoid polluting clusterroles
and will allow us to have a more precise encapsulation of what is owned by the permission manager.
How to add a new template?
Create a clusterrole starting with template-namespaced-resources___
and apply it.
Default templates
developer
and operation
default templates can be created by applying the manifest located at k8s/k8s-seeds/seed.yml
kubectl apply -f k8s/k8s-seeds
What is a user?
A user is a custom resource of kind permissionmanagerusers.permissionmanager.user
Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…
This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…
GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…
Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…
The free and open-source security platform SecHub, provides a central API to test software with…
Don't worry if there are any bugs in the tool, we will try to fix…