Security: use kubectl in shared environments

I am building a Rails application that manages different K8s clusters for different customers.

Basically the Rails application works like this:

  1. The tenant writes some YAML files for configuring his own cluster
  2. The Rails app connects to the cluster of the customer and applies the new configuration

Is it safe to use kubectl for this use case?


  • Can a malicious YAML file passed to kubectl produce file access, environment variables access, arbitrary code execution, etc. on the server that makes the API call to K8s?
  • Can a malicious K8s response to a request made by kubectl cause similar security issues?

It would be useful to document whether kubectl is appropriate or not to be used in shared / multi-tenant environments with untrusted inputs (YAML configuration, etc).

Thanks in advance