Description

A Helm chart for Argo Rollouts

Overview

IdentityNamespaceAutomountSecretsPermissionsWorkloadsRisk
argo-rolloutsdefault121Critical

Numbers in the last two columns indicate how many bindings or workloads involve each ServiceAccount.

Identities

🤖 argo-rollouts

Namespace: default  |  Automount:

🔑 Permissions (12)

RoleResourceVerbsRiskTags
ClusterRole argo-rollouts-clusterrolebatch/jobscreate · delete · get · list · patch · update · watchCriticalPotentialPrivilegeEscalation PrivilegeEscalation Tampering WorkloadLifecycle
ClusterRole argo-rollouts-clusterrolecore/secretsget · list · watchCriticalClusterWideSecretAccess CredentialAccess DataExposure InformationDisclosure SecretAccess
ClusterRole argo-rollouts-clusterroleargoproj.io/analysisrunscreate · delete · get · list · patch · update · watchLow
ClusterRole argo-rollouts-clusterroleargoproj.io/analysistemplatesget · list · watchLow
ClusterRole argo-rollouts-clusterrolecore/eventscreate · patch · updateLow
ClusterRole argo-rollouts-clusterroleargoproj.io/experimentscreate · delete · get · list · patch · update · watchLow
ClusterRole argo-rollouts-clusterroleextensions/ingressescreate · get · list · patch · watchLow
ClusterRole argo-rollouts-clusterrolecore/podsdelete · listLow
ClusterRole argo-rollouts-clusterroleapps/replicasetscreate · delete · get · list · patch · update · watchLow
ClusterRole argo-rollouts-clusterroleargoproj.io/rolloutsget · list · patch · update · watchLow
ClusterRole argo-rollouts-clusterrolecore/servicesget · list · patch · watchLow
ClusterRole argo-rollouts-clusterrolenetworking.istio.io/virtualservicesget · update · watchLow

⚠️ Potential Abuse (5)

The following security risks were found based on the above permissions:

📦 Workloads (1)

KindNameContainerImage
Deploymentargo-rolloutsargo-rolloutsargoproj/argo-rollouts:v0.8.3