This session takes the sharp edges off of Role Based Access Controls in Kubernetes and demystifies how to design and debug policies in both single tenant and multi-tenant clusters. This session will start with a quick overview of how Kubernetes integrates identity, how that identity is applied to authorization, and finally different strategies for automating authorizations in a cluster. This session will cover policy creation, debugging, aggregate role design, and automation. We'll also touch on the impacts of external systems that control your clusters, such as GitOps controllers. After this session attendees will have a clearer direction on how to approach authorizations in their clusters,