Privilege Escalation

A sudo like process to elevate privileges for cluster admins is implemented using the Kubernetes user impersonation feature.

Cluster admins only have the view ClusterRole and the permission to impersonate arbitrary other users (including system:admin) by default. During normal operations, these permissions should suffice for most of the tasks. If a possibly destructive command needs to be run (create, update, delete), privileges need to be explicitly elevated first. This helps to make an explicit decision to use elevated permissions for a certain task or command. At the very least it should help prevent acidentially running destructive commands in a wrong context (wrong cluster, wrong namespace, etc.).

See the how-to for usage details.