Resources in a Kubernetes cluster should be segregated by namespace, to allow for security controls to be applied at that level and to make it easier to manage resources.
CSIStorageCapacity, ConfigMap, ControllerRevision, CronJob, DaemonSet, Deployment, EndpointSlice, Endpoints, Event, HorizontalPodAutoscaler, Ingress, Job, Lease, LimitRange, NetworkPolicy, PersistentVolumeClaim, Pod, PodDisruptionBudget, PodTemplate, ReplicaSet, ReplicationController, ResourceQuota, Role, RoleBinding, Secret, Service, ServiceAccount, StatefulSet
Lists all resources in default namespace for user to review and approve.
Run this command to list objects in default namespace
kubectl get $(kubectl api-resources --verbs=list --namespaced=true -o name | paste -sd, -) --ignore-not-found -n default
The only entries there should be system managed resources such as the
Ensure that namespaces are created to allow for appropriate segregation of Kubernetes resources and that all new resources are created in a specific namespace.
Unless a namespace is specific on object creation, the
default namespace will be used
Updated 21 days ago