Difficulty: Intermediate
Estimated Time: 5 minutes

CloudSecOps

We'll learn how to use OPA Gatekeeper to prevent the use of wildcards in verbs.

In this scenario, we have seen how to prevent the use of wildcards in the verbs of Role and ClusterRole, and why our organizations need this policy.

For more info on this scenario - Restrict Wildcards in RBACs

For more OPA Gatekeeper use-cases - Mastering OPA Policies

Block Wildcard in Verbs (Role and ClusterRole)

Reason

Using a wildcard in verbs gives a Role or a ClusterRole all the privileges rather than only the least privileges required. With this policy implemented, we can prevent the unwitting or accidental use of wildcards in Role/ClusterRole and RoleBinding/ClusterRoleBinding.
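
One way to express this policy in Gatekeeper, as an added example that is not taken from the scenario itself: a ConstraintTemplate whose Rego rejects any Role or ClusterRole rule containing `*` in `verbs`, plus the Constraint that enforces it. The names `K8sBlockWildcardVerbs` and `block-wildcard-verbs` are assumptions chosen for illustration.

```yaml
# Added example. Template and constraint names are illustrative assumptions.
apiVersion: templates.gatekeeper.sh/v1
kind: ConstraintTemplate
metadata:
  name: k8sblockwildcardverbs        # must be the lowercase form of the kind below
spec:
  crd:
    spec:
      names:
        kind: K8sBlockWildcardVerbs
  targets:
    - target: admission.k8s.gatekeeper.sh
      rego: |
        package k8sblockwildcardverbs

        # One violation per offending rule. A ClusterRole with no rules
        # (for example an aggregated one) yields no match and is admitted.
        violation[{"msg": msg}] {
          rule := input.review.object.rules[i]
          rule.verbs[_] == "*"
          msg := sprintf(
            "%v %v: rules[%v] uses wildcard '*' in verbs; list the required verbs explicitly",
            [input.review.kind.kind, input.review.object.metadata.name, i]
          )
        }
---
apiVersion: constraints.gatekeeper.sh/v1beta1
kind: K8sBlockWildcardVerbs
metadata:
  name: block-wildcard-verbs
spec:
  enforcementAction: deny            # use "dryrun" first to audit existing roles
  match:
    kinds:
      - apiGroups: ["rbac.authorization.k8s.io"]
        kinds: ["Role", "ClusterRole"]
```

Apply the ConstraintTemplate first and wait for Gatekeeper to create its CRD before applying the Constraint; otherwise the second document is rejected because the `K8sBlockWildcardVerbs` kind does not exist yet.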