►
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
The
next
use
case,
we're
going
to
cover
is
configuration
management
and,
let's
imagine
we're
in
a
scenario
which
is
very
common.
We've
had
a
high
rate
of
adoption
for
kubernetes
over
the
past
few
years.
We
know
that
development
teams
used
to
have
a
lot
of
access
and
ownership
and
elevated
privileges,
and
now
the
head
of
security
wants
to
go
back
and
clean.
Some
of
that
up.
He
wants
to
know
if
there's
any
roles
out
there
with
elevated
privileges
that
aren't
being
used
by
any
users
or
accounts.
A
He
also
wants
to
know
if
cluster
admin
access
has
been
given
to
any
existing
service
accounts
and
is
currently
in
use
and
wants
you
to
report
back
on
some
of
that
information.
So
this
is
where
we
would
go
to
the
configuration
management
screen
of
stack
rocks
and
what
I'm
going
to
do
is
I'm
going
to
go
over
to
the
rbac
visibility
and
configuration
tab
in
the
top
first
thing.
A
I'm
going
to
do
is
answer
the
first
scenario:
I'm
going
to
go
to
the
roles
and
what
I'm
going
to
do
is
I'm
going
to
look
for
any
admin
roles
that
are
no
longer
associated
with
any
accounts
and
immediately.
I
can
see
that
in
production,
I've
got
an
admin
role
that
is
not
being
used
by
any
users
and
groups
any
service
accounts.
This
presents
a
pretty
big
risk
because
this
role
can
be
assigned
at
any
time
to
anyone
and
why
have
the
risk
if
it's
not
in
use?
A
So
if
I
click
on
this,
I
can
immediately
see
when
this
was
created,
which
cluster
it's
in.
In
this
case,
no
users
and
groups
or
service
accounts
are
tied
to
it,
and
I
can
immediately
see
all
the
different
permissions
and
verbs
that
are
allowed,
which
resource
objects
are
being
tied
to
those
permissions,
and
I
can
export
this
information
quickly.
A
For
my
head
of
security
and
a
similar
way,
I'm
going
to
go
back
to
the
configuration
management
and
I'm
going
to
click
on
my
service
accounts,
and
what
I'm
going
to
see
is
that
immediately
it's
going
to
filter
by
this
column,
cluster
admin
role
enabled,
and
I
don't
care
about
these
two
cube
system
components.
They
need
the
cluster
admin
role.
What
I
do
care
about
is
that
I
see
cluster
admin.
Access
has
been
tied
to
my
visa
processor
in
my
payments
namespace.
A
So
I'm
going
to
click
on
this
visa
processor
and
I'm
going
to
drill
into
it
and
I'm
going
to
see
a
few
different
things
related
to
this
service
account
I'm
going
to
see.
Is
it
tied
to
any
other
deployments?
What
other
roles
does
it
have?
Are
there
any
other
things
that
can
pull
from
this,
which
other
users
and
groups
have
been
granted
cluster
admin
access?
And
in
this
case
I
can
see
that
it's
given
permission
to
the
entire
cluster.