ReBAC with Kyverno: Automating Multi-Tenant RBAC at Scale - Pavan Madduri, W.W.Grainger.Inc

Name: ReBAC with Kyverno: Automating Multi-Tenant RBAC at Scale - Pavan Madduri, W.W.Grainger.Inc
Uploaded: 2026-05-28T16:36:18.000Z
Channel: CNCF

Kyverno Kubernetes rbac Rebac Relationship Based access control Multi Tenant kubernetes Kyverno generate policy Clusterpolicy Namespace automation Kubernetes access control Cloud native security Enterprise kubernetes

CNCF May 28, 2026

AI summary

This talk demonstrates how Grainger replaced manual Kubernetes RBAC provisioning with an automated ReBAC system using Kyverno generate policies. The presenter shows how six ClusterPolicies automatically create tiered Roles (operator, contributor, viewer) and RoleBindings when namespaces are created, eliminating manual YAML and tickets. Platform engineers and Kubernetes administrators at scale will learn a reusable pattern for self-service namespace access without cluster-admin dependencies.

From Policy to Production: Implementing ISO27001/BSI IT-Gr... Marcus Ross, Hamburg Port Authority

Webhook Topology and Admission Latency: Lessons from Migration - Tanat Lokejaroenlarb, Adevinta

Poison Control: Unifying Software and Content... Anmol Krishan Sachdeva & Ankit Kotnala, Google

Policy-as-Code for LLM Inference: Cost & Security Guardrails - Sakalya Deshpande, SAP Labs

From YAML to CEL: Understanding Kyverno’s New Policy Model - Kirti Goyal, DevRel @Keploy

Welcome & Opening Remarks - Cortney Nickerson, CNCF Ambassador

ChatLoopBackOff: Episode 78 (Cedar)

Cloud Native Live: Falco's Nest & the Evolution of Runtime Security

Keynote: Rules of the Road for Shared GPUs: AI Inference Scheduling at Wa... M. Muralikrishnan (ASL)