All content for Platform Engineering Playbook Podcast is the property of vibesre and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
• RBAC has 4 components: Subjects, Resources, Verbs, and Scope - understand how they connect
• Always prefer namespace-scoped Roles over ClusterRoles - contain blast radius
• Create dedicated ServiceAccounts per application, never bind to default
• Base64 is encoding, not encryption - real secrets need Sealed Secrets or External Secrets Operator
• The 5 critical misconfigurations: cluster-admin for workloads, wildcards, default ServiceAccount permissions, create on RBAC resources, auto-mounted tokens
