Using wildcards when defining Role-Based Access Control (RBAC) permissions in Kubernetes can lead to significant security issues. This is because
it grants overly broad permissions, potentially allowing access to sensitive resources.
RBAC is designed to limit the access rights of users within the system by assigning roles to them. These roles define what actions a user can
perform and on which resources. When a wildcard is used, it means that the role has access to all resources/verbs, bypassing the principle of least
privilege. This principle states that users should have only the minimal permissions they need to perform their job function.
What is the potential impact?
If an attacker gains access to a role with wildcard permissions, they could potentially read, modify, or delete any resource in the Kubernetes
cluster, leading to data breaches, service disruptions, or other malicious activities.