Fine-grained Access Management in Kubernetes using Role-based Access Control
Description
Kubernetes, as the prevailing container orchestration platform, necessitates robust security mechanisms to defend its dynamic, distributed architecture against privilege escalation and unauthorized access. While Role-Based Access Control (RBAC) serves as the primary mechanism for authorization, manual administration in large-scale environments leads to permission sprawl, misconfigurations, and violations of the principle of least privilege. This research proposes an automated, dynamic, and intelligent framework for fine-grained access management in Kubernetes. The framework deploys a RESTful Application Programming Interface (API) to automate role provisioning dynamically, eliminating the error-prone manual manipulation of YAML manifests. Furthermore, this study integrates an external monitoring engine utilizing Python-based machine learning (TensorFlow and NumPy) to perform continuous auditing of Kubernetes API logs for anomaly detection, coupled with a graphical administrative interface (Tkinter). Theoretical formulations of Kubernetes RBAC are mapped to the NIST standard model to mathematically prove the non-circumventability of the applied policies. Experimental results demonstrate a 92% reduction in access assignment latency via the proposed REST API, alongside high-precision detection of unauthorized API access anomalies, confirming the efficacy, operational scalability, and security of the proposed framework.
Files
| Name | Size |
|---|---|
| 10-CRD3459.pdf (md5:69c04d177adaaabf42568edd599e7c1e) | 504.1 kB |