Merge pull request #56 from nigeldouglas-itcarlow/patch-2

Updated ClusterRoleBinding manifest to use rbac.authorization.k8s.io/…
OWASP · Feb 5, 2024 · 687d52a · 687d52a
2 parents 0363214 + 527787f
commit 687d52a
Showing 1 changed file with 8 additions and 8 deletions.
diff --git a/2022/en/src/K03-overly-permissive-rbac.md b/2022/en/src/K03-overly-permissive-rbac.md
@@ -43,18 +43,18 @@ Execution) then it is trivial for the attacker to compromise the entire cluster
 by impersonating the service
 
 ```yaml
-apiVersion: rbac.authorization.k8s.io/v1beta1
+apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
- name: redacted-rbac
+  name: redacted-rbac
 subjects:
- - kind: ServiceAccount
-   name: default
-   namespace: default
+- kind: ServiceAccount
+  name: default
+  namespace: default
 roleRef:
- kind: ClusterRole
- name: cluster-admin
- apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cluster-admin
+  apiGroup: rbac.authorization.k8s.io
 ```
 
 ### How to Prevent