Your task
Use the kubestellar-ops MCP tools to analyze RBAC permissions.
- •
Ask the user for:
- •The subject type (user, group, or serviceaccount)
- •The subject name
- •The cluster (optional, defaults to current context)
- •The namespace (for serviceaccounts)
- •
Use
analyze_subject_permissionsto get all roles, bindings, and effective permissions - •
Provide a report showing:
- •All RoleBindings and ClusterRoleBindings for the subject
- •Effective permissions (what actions they can perform)
- •Any overly permissive access (cluster-admin, wildcards, etc.)
- •Security recommendations
Do not use any other tools besides the kubestellar-ops MCP tools.