Kubernetes RBAC and Network Policy Enforcement in Multi-Tenant Enterprise Environments

Authors

  • Bharat Singh Chaudhary, Independent Researcher, Cloud Security & DevSecOps Architect, Quorum Information Technology, Calgary, Alberta, Canada.

DOI:

https://doi.org/10.63282/3050-922X.IJERET-V7I2P113

Keywords:

Kubernetes, RBAC, Network Policy, Multi-Tenancy, Container Security, Namespace Isolation, Admission Controller, Pod Security Standards, Kyverno, Calico, MITRE ATT&CK

Abstract

Multi-tenant Kubernetes clusters present a set of security challenges that single-tenant deployments do not face. When multiple development teams, business units, or even external customers share the same underlying cluster infrastructure, the blast radius of any misconfiguration or privilege escalation grows dramatically. A compromised pod in one tenant's namespace can, without proper controls, enumerate services in every other namespace, access secrets belonging to other teams, and even escape to the host node if pod security settings are not enforced. These are not theoretical risks; they are the attack patterns documented in the MITRE ATT&CK Container Matrix and exploited in real-world Kubernetes breaches. This paper examines the design and enforcement of Role-Based Access Control (RBAC) policies and Kubernetes Network Policies in multi-tenant environments, drawing on operational experience managing enterprise telecommunications infrastructure with over 200 namespaces across development, staging, and production tiers. We propose a layered access-control framework that combines namespace-scoped RBAC bindings, default-deny network policy segmentation, Pod Security Standards enforcement, and Kyverno admission controller automation to achieve tenant isolation without sacrificing developer productivity. The framework is validated against six common attack scenarios from the MITRE ATT&CK Container Matrix: lateral pod-to-pod movement, privilege escalation through service account token abuse, privileged container escape, cross-namespace kubectl access, egress to external command-and-control servers, and unauthorized image deployment from untrusted registries. Results indicate that the proposed layered approach blocks 100 percent of tested cross-tenant access attempts while adding only 12 milliseconds of admission webhook latency per request. The paper also discusses the operational trade-offs between namespace-level soft multi-tenancy and hard multi-tenancy approaches using virtual cluster solutions.
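The two lowest layers of the framework described in the abstract, namespace-scoped RBAC bindings and default-deny network segmentation, can be expressed as plain Kubernetes manifests. The manifests below are an added illustration, not material from the paper; the namespace `tenant-a`, the group `team-a`, and the CoreDNS pod label `k8s-app: kube-dns` are assumed names, and the DNS allow rule is included because a bare default-deny egress policy also blocks name resolution, which is the most common reason such policies get rolled back.

```yaml
# Constructed example: "tenant-a", "team-a" and the kube-dns label are assumptions.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny-all
  namespace: tenant-a
spec:
  podSelector: {}          # empty selector: applies to every pod in the namespace
  policyTypes:             # listing both types denies all ingress AND egress
    - Ingress
    - Egress
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-dns-egress   # additive: policies are OR'ed, so this re-opens only DNS
  namespace: tenant-a
spec:
  podSelector: {}
  policyTypes:
    - Egress
  egress:
    - to:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: kube-system   # label set automatically by the API server
          podSelector:
            matchLabels:
              k8s-app: kube-dns                          # assumed CoreDNS label
      ports:
        - protocol: UDP
          port: 53
        - protocol: TCP
          port: 53
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding          # a RoleBinding, not a ClusterRoleBinding, keeps the grant inside tenant-a
metadata:
  name: team-a-edit
  namespace: tenant-a
subjects:
  - kind: Group
    name: team-a
    apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: ClusterRole        # reusing the built-in "edit" aggregate role is fine...
  name: edit               # ...because the binding scope, not the role kind, decides reach
  apiGroup: rbac.authorization.k8s.io
```

A quick check that the binding is actually namespace-scoped is `kubectl auth can-i list secrets -n tenant-b --as-group=team-a --as=someone`, which should return `no` for any namespace other than `tenant-a`.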


Published

2026-04-21

Section

Articles

How to Cite

Chaudhary BS. Kubernetes RBAC and Network Policy Enforcement in Multi-Tenant Enterprise Environments. IJERET [Internet]. 2026 Apr. 21 [cited 2026 May 5];7(2):87-99. Available from: https://ijeret.org/index.php/ijeret/article/view/575