maintain-kubeusers (https://gerrit.wikimedia.org/g/labs/tools/maintain-kubeusers) is largely for toolforge maintenance, managing quotas, namespaces, and creating a .kube/config for each tool account.
PAWS doesn't do most of these things, quotas are managed statically on the singleuser pod, users all share the same namespace, and non-admin users do not get a .kube/config. Indeed the only thing that the maintain-kubeusers seems to do is for admin users it drops a .kube/config file in their home directories on PAWS nodes. This can be overcome by copying it from /etc. It would come with a few extra abilities, though at the same time, one has to be an admin user, so they would have sudo regardless so far as I know.