Red Hat Advanced Cluster Security
ROX-33511

RBAC: broken access for scopes selecting clusters with bad names

    • Bug
    • Resolution: Unresolved
    • RBAC, RHACS
    • Incidents & Support
    • Rox Sprint 4.11C

      USER PROBLEM
      What is the user experiencing as a result of the bug? Include steps to reproduce.

      • Reported with the OCP console, but reproduced on the central console.
      • The OCP console for a cluster named "my-new=cluster" shows an error page instead of security data.
      • The error looks like: could not compute effective access scope for access scope with id ...: label selector from cluster names [my-new=cluster]: values ... [stackrox.io/authz.metadata.cluster.fqsn]: Invalid value: "my-new=cluster": a valid label must be an empty string or consist of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. ..., regex used for validation is '(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?').

      CONDITIONS
      What conditions need to exist for a user to be affected? Is it everyone? Is it only those with a specific integration? Is it specific to someone with particular database content? etc.

      • An ACS access scope exists with cluster selection by name targeting a cluster with an "exotic" name (for example one containing the '=' character).
      • The above access scope is referenced by a role.
      • The above role is used to query central.

      ROOT CAUSE
      What is the root cause of the bug?

      • There is no restriction on ACS cluster naming.
      • The access scope resolution generates k8s label selectors to perform cluster selection.
      • There are restrictions on the values used for k8s label selection.

      FIX
      How was the bug fixed (this is more important if a workaround was implemented rather than an actual fix)?

      • Do not use Kubernetes label selectors to perform selection by cluster name in the ACS access scope resolution.
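      As an added illustration (not StackRox's own code), the Go snippet below contrasts the two selection strategies described in the root cause and fix: validating selected cluster names as Kubernetes label values, which is what building a label selector from them amounts to, versus plain name comparison. The Cluster type, the function names, the constructed sample clusters and the 63-byte length cap are assumptions; the regex and label key are the ones quoted in the error above.

```go
package main

import (
	"fmt"
	"regexp"
)

// Label-value syntax from the error message quoted in the issue; the 63-byte
// cap is the Kubernetes label-value limit (assumption, not stated on the page).
var labelValueRe = regexp.MustCompile(`^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$`)

// Label key the access scope resolution selects on, as quoted in the issue.
const clusterNameLabel = "stackrox.io/authz.metadata.cluster.fqsn"

// Cluster is a hypothetical stand-in for an ACS cluster record.
type Cluster struct{ ID, Name string }

// selectByLabelSelector models the pre-fix behaviour: each selected name is
// used as a label value, so "my-new=cluster" fails the whole computation.
func selectByLabelSelector(clusters []Cluster, names []string) ([]Cluster, error) {
	for _, n := range names {
		if len(n) > 63 || !labelValueRe.MatchString(n) {
			return nil, fmt.Errorf("label selector from cluster names %v: values [%s]: invalid value %q", names, clusterNameLabel, n)
		}
	}
	return selectByName(clusters, names), nil
}

// selectByName is the fixed approach: plain string equality on the cluster
// name, which has no syntax restrictions to violate.
func selectByName(clusters []Cluster, names []string) []Cluster {
	wanted := make(map[string]struct{}, len(names))
	for _, n := range names {
		wanted[n] = struct{}{}
	}
	var out []Cluster
	for _, c := range clusters {
		if _, ok := wanted[c.Name]; ok {
			out = append(out, c)
		}
	}
	return out
}

func main() {
	clusters := []Cluster{{"c1", "prod"}, {"c2", "my-new=cluster"}} // constructed sample
	_, err := selectByLabelSelector(clusters, []string{"my-new=cluster"})
	fmt.Println("label selector:", err)
	fmt.Println("direct match:", selectByName(clusters, []string{"my-new=cluster"}))
}
```

      The name with '=' is rejected outright by the label-value check, whereas direct comparison returns the matching cluster.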

              ybrillou@redhat.com Yann Brillouet