Access Any Kubernetes Secret
You can gain access to any secret that you want in Kubernetes even if you don’t have RBAC permissions to get, list or view that secret. All you need is permission that allows you to do anything on pods and an ability to guess the names of secrets. With these two ingredients, here is how you can access any secret out there. Nasty User Here is a user called nastyuser who can only do stuff on pod objects. Everything else is forbidden. The user cannot list secrets, namespaces or deployments: ...