Currently, RBAC deployment is in place, however, there is not a sane manner in which RBAC is assigned. To do such a thing would require significant elevated privileges for the namespace-operator.
-
Is there a better way to do this, and to restrict the ability for the namespace-operator to elevate its privileges?
-
Need to implement agreed upon solution
Currently, RBAC deployment is in place, however, there is not a sane manner in which RBAC is assigned. To do such a thing would require significant elevated privileges for the namespace-operator.
Is there a better way to do this, and to restrict the ability for the namespace-operator to elevate its privileges?
Need to implement agreed upon solution