OpenClaw RBAC and Multi-Tenant Isolation
Configure OpenClaw RBAC policies and namespace isolation for multi-tenant Kubernetes clusters with per-team agent access controls.
💡 Quick Answer: Use Kubernetes RBAC with dedicated ServiceAccounts per OpenClaw agent and namespace isolation to enforce multi-tenant boundaries in shared clusters.
The Problem
Running multiple OpenClaw agents in a shared Kubernetes cluster without proper RBAC creates security risks: agents could access other teams' secrets, resources, or messaging channels.
The Solution
Create per-tenant namespaces with scoped ServiceAccounts and RBAC policies that restrict each OpenClaw agent to its own resources.
Namespace-Per-Team Structure
apiVersion: v1
kind: Namespace
metadata:
  name: openclaw-team-alpha
  labels:
    openclaw.ai/tenant: team-alpha
    pod-security.kubernetes.io/enforce: restricted
---
apiVersion: v1
kind: Namespace
metadata:
  name: openclaw-team-beta
  labels:
    openclaw.ai/tenant: team-beta
    pod-security.kubernetes.io/enforce: restricted

Scoped ServiceAccount and Role
apiVersion: v1
kind: ServiceAccount
metadata:
  name: openclaw-agent
  namespace: openclaw-team-alpha
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: openclaw-agent-role
  namespace: openclaw-team-alpha
rules:
  - apiGroups: [""]
    resources: ["configmaps", "secrets"]
    verbs: ["get", "list", "watch", "create", "update", "patch"]
  - apiGroups: [""]
    resources: ["pods", "pods/log"]
    verbs: ["get", "list", "watch"]
  - apiGroups: [""]
    resources: ["persistentvolumeclaims"]
    verbs: ["get", "list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: openclaw-agent-binding
  namespace: openclaw-team-alpha
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: openclaw-agent-role
subjects:
  - kind: ServiceAccount
    name: openclaw-agent
    namespace: openclaw-team-alpha

Deny Cross-Namespace Access with ClusterRole Aggregation
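apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: openclaw-deny-cluster-wide
rules: []
# Explicitly empty: agents get NO cluster-level access
# All permissions come from namespace-scoped Roles only
# Kubernetes RBAC is additive and has no deny rules, so this object grants
# nothing and blocks nothing; it only documents the intent.

OpenClaw Deployment with Tenant Isolation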
apiVersion: apps/v1
kind: Deployment
metadata:
  name: openclaw-agent
  namespace: openclaw-team-alpha
spec:
  replicas: 1
  selector:
    matchLabels:
      app: openclaw
      tenant: team-alpha
  template:
    metadata:
      labels:
        app: openclaw
        tenant: team-alpha
    spec:
      serviceAccountName: openclaw-agent
      # No API token is mounted into the pod; the agent can only use the Role
      # above if a ServiceAccount token is projected explicitly.
      automountServiceAccountToken: false
      securityContext:
        runAsNonRoot: true
        runAsUser: 1000
        fsGroup: 1000
        seccompProfile:
          type: RuntimeDefault
      containers:
        - name: openclaw
          image: ghcr.io/openclaw/openclaw:latest
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop: ["ALL"]
            readOnlyRootFilesystem: true
          env:
            - name: OPENCLAW_TENANT
              value: "team-alpha"
          envFrom:
            - secretRef:
                name: openclaw-credentials
          volumeMounts:
            - name: workspace
              mountPath: /home/node/.openclaw
            - name: tmp
              mountPath: /tmp
      volumes:
        - name: workspace
          persistentVolumeClaim:
            claimName: openclaw-workspace-alpha
        - name: tmp
          emptyDir:
            sizeLimit: 500Mi

ResourceQuota per Tenant
apiVersion: v1
kind: ResourceQuota
metadata:
  name: openclaw-quota
  namespace: openclaw-team-alpha
spec:
  hard:
    requests.cpu: "2"
    requests.memory: 4Gi
    limits.cpu: "4"
    limits.memory: 8Gi
    persistentvolumeclaims: "3"
    pods: "5"
    secrets: "10"

graph TD
A[Kubernetes Cluster] --> B[openclaw-team-alpha NS]
A --> C[openclaw-team-beta NS]
B --> D[ServiceAccount alpha]
C --> E[ServiceAccount beta]
D --> F[Role: own secrets + configmaps]
E --> G[Role: own secrets + configmaps]
B --> H[NetworkPolicy: deny cross-NS]
C --> I[NetworkPolicy: deny cross-NS]
B --> J[ResourceQuota: 4 CPU 8Gi]
C --> K[ResourceQuota: 4 CPU 8Gi]

Common Issues
- Agent accessing other namespaces: never bind ClusterRoles; use namespace-scoped Roles only
- Secret leakage between tenants: set automountServiceAccountToken: false and mount only needed secrets
- Resource starvation: apply ResourceQuota per namespace to prevent noisy neighbors
- Pod security violations: use Pod Security Standards (restricted profile) on tenant namespaces
Best Practices
- One namespace per team/tenant with dedicated ServiceAccount
- Use restricted Pod Security Standard on all OpenClaw namespaces
- Apply ResourceQuota and LimitRange per namespace
- Combine with NetworkPolicies for network-level isolation
- Audit RBAC permissions quarterly with kubectl auth can-i --list
- Use labels for tenant identification and policy enforcement
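The "never bind ClusterRoles" rule and the quarterly RBAC audit can be checked mechanically. The following is an added example, not part of the original page or of OpenClaw: it scans binding objects for tenant ServiceAccounts that hold cluster-wide, cross-namespace, or ClusterRole-based grants. The `openclaw-` namespace prefix, the helper names, and the sample bindings are assumptions constructed for illustration.

```python
"""Flag RBAC bindings that break the per-tenant isolation rules on this page."""

TENANT_PREFIX = "openclaw-"  # assumption: tenant namespaces are named as on this page


def audit_bindings(doc, prefix=TENANT_PREFIX):
    """Return sorted (binding, service_account, reason) tuples for tenant agents."""
    findings = []
    for item in doc.get("items", []):
        kind, meta = item["kind"], item["metadata"]
        bind_ns = meta.get("namespace")  # absent on ClusterRoleBindings
        where = "/".join(p for p in (kind, bind_ns, meta["name"]) if p)
        for subj in item.get("subjects") or []:
            sa_ns = subj.get("namespace", "")
            if subj.get("kind") != "ServiceAccount" or not sa_ns.startswith(prefix):
                continue
            who = f"{sa_ns}/{subj['name']}"
            if kind == "ClusterRoleBinding":
                findings.append((where, who, "cluster-wide grant"))
            elif bind_ns != sa_ns:
                findings.append((where, who, "cross-namespace grant"))
            elif item["roleRef"]["kind"] == "ClusterRole":
                findings.append((where, who, "binds a ClusterRole"))
    return sorted(findings)


def _binding(kind, name, ns, ref_kind, ref_name, sa_ns):
    """Build one constructed binding in the shape `kubectl get ... -o json` returns."""
    meta = {"name": name, **({"namespace": ns} if ns else {})}
    return {"kind": kind, "metadata": meta,
            "roleRef": {"kind": ref_kind, "name": ref_name},
            "subjects": [{"kind": "ServiceAccount", "name": "openclaw-agent",
                          "namespace": sa_ns}]}


# Constructed sample (not real cluster output): one clean binding, three violations.
ALPHA, BETA = "openclaw-team-alpha", "openclaw-team-beta"
SAMPLE = {"items": [
    _binding("RoleBinding", "openclaw-agent-binding", ALPHA, "Role", "openclaw-agent-role", ALPHA),
    _binding("ClusterRoleBinding", "alpha-view-all", None, "ClusterRole", "view", ALPHA),
    _binding("RoleBinding", "beta-reads-alpha", ALPHA, "Role", "openclaw-agent-role", BETA),
    _binding("RoleBinding", "beta-edit", BETA, "ClusterRole", "edit", BETA),
]}

if __name__ == "__main__":
    for where, who, reason in audit_bindings(SAMPLE):
        print(f"{where}: {who} -> {reason}")
```

Against a live cluster, pass `audit_bindings` the parsed output of `kubectl get rolebindings,clusterrolebindings -A -o json` instead of `SAMPLE`.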
Key Takeaways
- Namespace-scoped Roles prevent cross-tenant access
- ServiceAccount per agent ensures least-privilege
- ResourceQuota prevents resource monopolization
- Pod Security Standards enforce container hardening
- Combined with NetworkPolicies, this creates defense-in-depth multi-tenancy

