Talk
Virtual
Accountable AI on Kubernetes: How platforms enforce what RBAC can't
AI agents need kubectl access. But when they act, who's responsible? This talk shows how platforms can govern AI agents using three patterns: user context propagation, dynamic policy boundaries, and decision attribution via OpenTelemetry.
An AI agent may be granted kubectl access to help with operations, and an SRE may have the same permissions. The difference is that an SRE may choose not to delete namespaces, while an agent may not apply the same judgment.
When agents act on Kubernetes, platforms can lose accountability. Audit logs show service accounts, not users. Static permissions cannot capture runtime context or intent, and decision trails are often not helpful.
This talk shows how platforms can make AI agents accountable. It covers three patterns:
• Admission webhooks that require user identity in every agent call
• Policy engines such as Kyverno that enforce context-aware boundaries
• Audit annotations that capture decision rationale
Attendees will see practical approaches that answer who invoked the agent, what constraints were applied, and why that choice was made. No exotic tooling is required, only Kubernetes primitives applied to the AI accountability problem.
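The first and third patterns combined, as an added example that is not from the talk or its speakers: the decision logic of a validating admission webhook that rejects agent calls carrying no user identity and returns audit annotations with the rationale. The `ai-agents` namespace and the `agent.example.com/...` annotation keys are assumptions made for illustration.

```python
# Added example: validating-webhook decision logic over AdmissionReview JSON.
AGENT_SA_PREFIX = "system:serviceaccount:ai-agents:"  # assumed agent namespace
USER_KEY = "agent.example.com/on-behalf-of"           # hypothetical annotation
WHY_KEY = "agent.example.com/rationale"               # hypothetical annotation


def _annotations(request):
    # DELETE requests carry no "object"; fall back to "oldObject".
    obj = request.get("object") or request.get("oldObject") or {}
    return (obj.get("metadata") or {}).get("annotations") or {}


def review(admission_review):
    """Return the AdmissionReview response for one request."""
    req = admission_review["request"]
    caller = (req.get("userInfo") or {}).get("username", "")
    resp = {"uid": req["uid"], "allowed": True}
    if caller.startswith(AGENT_SA_PREFIX):
        ann = _annotations(req)
        user = ann.get(USER_KEY, "").strip()
        if not user:
            resp["allowed"] = False
            resp["status"] = {"code": 403,
                              "message": f"agent call lacks {USER_KEY}"}
        # The API server copies these into the audit event, prefixed with the
        # webhook name. The values are self-asserted by the agent: this check
        # enforces presence, not authenticity.
        resp["auditAnnotations"] = {
            "agent": caller,
            "on-behalf-of": user or "missing",
            "rationale": ann.get(WHY_KEY, "not provided"),
        }
    return {"apiVersion": "admission.k8s.io/v1", "kind": "AdmissionReview",
            "response": resp}


def sample(username, operation, annotations):
    """Constructed AdmissionReview request for a Namespace (sample data)."""
    ns = {"metadata": {"name": "payments", "annotations": annotations}}
    is_delete = operation == "DELETE"
    return {"request": {
        "uid": "constructed-uid-1", "operation": operation,
        "userInfo": {"username": username},
        "object": None if is_delete else ns,
        "oldObject": ns if is_delete else None}}


if __name__ == "__main__":
    agent = AGENT_SA_PREFIX + "ops-agent"
    print(review(sample(agent, "DELETE", {})))
    print(review(sample(agent, "DELETE", {USER_KEY: "alice@example.com"})))
```

Because a DELETE carries only `oldObject`, the identity annotation has to be on the resource before the agent deletes it.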
