KIEMPossible is a new open-source tool for Kubernetes entitlement cleanup. It maps out who has access to what - roles, entities, permissions - and shows how those are actually used across your clusters. Think of it as a permission microscope for AKS, EKS, GKE, and even the DIY K8s crowd.
It breaks down tangled Role and ClusterRole bindings, slurps up audit logs, and flags unused permissions - helping teams cut back to least-privilege without sweating blood.
