Docs
Blog
Kubevious.io places cookies on your computer or device to make the site work better and to help us understand how you use our site. Further use of this site (by clicking, navigating or scrolling) will be considered consent. Please visit our privacy policy for more information.
Guard
Features
Application Centric UI
Health Monitoring
Cloud Native Tools
Search Engine
Time Machine
Rules Engine
Slack Bot
Built-in Validators
Container
Compute
Configuration
Networking
Storage
RBAC
ServiceAccount not specified in container
Unresolved Role reference in RoleBinding
Unresolved Secret reference in ServiceAccount
Unresolved ServiceAccount reference in Binding
Unresolved ServiceAccount reference in container
Unused Role
Unused RoleBinding
Unused ServiceAccount
Security
Traefik Proxy
Docs
Built-in Validators
RBAC

Unused RoleBinding

RoleBinding grants Role permissions to ServiceAccounts or Users. This validator detects RoleBindings that are not associated with any application workloads.

Affected Resources: RoleBinding, ClusterRoleBinding

Example

apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: read-pods subjects: - kind: ServiceAccount name: backend ...

Resolution

  • Examine applications within the namespace and determine if ServiceAccount in RoleBinding is supposed to be used in those workloads.
  • Make necessary naming corrections in RoleBinding ServiceAccount subject references.
  • If the RoleBinding is indeed unused, it may need to be just removed.
    • Prev
    Unused Role
    Next
    Unused ServiceAccount

    Need other validation rules?

    Please let us know if there are other built-in validation rules you would like to see in Kubevious to detect misconfigurations and violations to best practices. Optionally, you can provide your details so we can reach out to you with follow-up questions.

    Share this article on:
    message
    PRODUCTGet StartedDemoOpen-Source
    COMPANYContactPrivacy PolicyTerms and Conditions
    KNOWLEDGE BASEDocumentationKubernetes Best PracticesBlog