There are multiple admins who accesses k8s clusters. What is the recommended way to share the config file?
I know,
kubectl config view --minify
but certification part is REDACTED by this command.
By default, kubectl looks for a file named config in the $HOME/. kube directory. You can specify other kubeconfig files by setting the KUBECONFIG environment variable or by setting the --kubeconfig flag.
Show activity on this post. and copy the file, which is the kubeconfig for your cluster. kubectl config view --minify , it will display all the info except for the client ca certificate and client key. The location of those keys depends on how the cluster is setup.
Authentication Material: KubeConfig This file is very sensitive and if found can allow an attacker administrative access to the Kubernetes Cluster. During penetration testing, testers will commonly search for this file rather than trying to run exploits against the Kubernetes.
You can add the --flatten flag, which is described in the document to "flatten the resulting kubeconfig file into self contained output (useful for creating portable kubeconfig files)"
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With