4

The Kubernetes Dashboard allows users to see all secrets, including their raw values with just a couple clicks. These secrets will likely contain very sensitive data, such as production database passwords and private keys.

How do you limit users of the Dashboard, so that they can't see the sensitive data?

peterl
  • 1,881
  • 4
  • 21
  • 34
  • 1
    With [RBAC](https://kubernetes.io/docs/admin/authorization/), you could disallow certain roles from being able to read/create/list secrets. – Anirudh Ramanathan Feb 11 '17 at 01:57

1 Answers1

2

This is a known issue and it is simply not officially supported at the moment - the Dashboard is a super-user level administration tool. This should not be the case forever, but more help is needed to get it there.

There are some workarounds discussed in that issue thread that work currently. Here are some notable quirks around them to be aware of beforehand:

  • Should the dashboard be under a dashboard user, and limited by that? If so, like Anirudh suggested you can neuter parts of the Dashboard and it will work fine and get 403s if they access the Secrets panel.
  • Should the dashboard be under a logged in user, and be limited to what that user can see? This means that kubectl proxy will be necessary without some browser plugin or MITM proxy to attach the needed auth to dashboard server calls but it is possible.
Jasmine Hegman
  • 547
  • 7
  • 22