Visualizing RBAC on Kubernetes on Windows
Using a tool to help you see your RBAC setup
I’m taking a quick break from leveraging Istio to introduce an RBAC visualization tool to help you get a better idea of your RBAC situation. RBAC is a bit difficult to conceptualize for me, so I was looking for a tool that would just tell me the current state of my roles and access. I found one so I thought I’d share.
Like you, a quick search finds you with this tool popping up all over the place. After doing my own research, this is the kind of tool I was hoping to find. A tool that would query the cluster and show me how my roles and access are laid out.
Upon further reading, I realized some of the other tools are only built for either Linux or MacOs. Here’s what I did to get it to work on Windows.
Update binaries to their latest versions
choco upgrade minikube
choco upgrade kubernetes-cli
Install KREW, the Kubernetes Plugin Manager. As always, here’s the source. https://github.com/kubernetes-sigs/krew and the link to get the files are here:
You can't perform that action at this time. You signed in with another tab or window. You signed out in another tab or…
In an administrative command prompt where you downloaded the .exe and .yaml file:
krew.exe install --manifest=krew.yaml
You will need to update your environment variable as listed above and then open a new console window. Then, test it out.
kubectl krew version
If you get a “not supported on windows” message, don’t fret. You can uninstall krew simply by deleting the directory
It will be like it never happened. Try installing it again and see what happens.
Use Krew to install rbac-view
kubectl krew install rbac-view
As it states, run
Open a browser to http://localhost:8800
If we zoom in, we can see our permissions set from a previous exercise.
Simple! To think, I used to try to maintain this with a spreadsheet, but now, I have a lightweight ephemeral tool that I can bring up when I want to see the state of things, and remove when I’m done.
As usual, thanks for reading!