services / Kubernetes / Roles
A role is a set of permissions that defines a specific level of access to resources within a single namespace. It consists of rules that specify which API operations can be performed on specific resource types. Roles are scoped to a specific Kubernetes namespace.
Roles are only definitions of permissions. A role does not take effect unless assigned to principal via a RoleBinding.
rbac.authorization.k8s.io/roles.get
Retrieves the permissions contained in a specific role.
Risks
Scope: CRITICAL
This privilege may grant access to sensitive data from a significant fraction of organizational functions, allow interruption of critical organizational services, or its exploit could lead to significant privilege escalation.
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog