tekton-custom-task :: RBAC ATLAS

Description

A Helm chart for Tekton Custom Tasks

Identity	Namespace	Automount	Secrets	Permissions	Workloads	Risk
`edp-tekton-custom-task`	default	❌	—	8	1	Critical

Numbers in the last two columns indicate how many bindings or workloads involve each ServiceAccount.

Namespace: default | Automount: ❌

Role	Resource	Verbs	Risk	Tags
Role `edp-tekton-custom-task-leader-election-role`	coordination.k8s.io/leases	create · delete · get · list · patch · update · watch	Critical	ControlPlaneDisruption CriticalNamespace DenialOfService Tampering
Role `edp-tekton-custom-task-leader-election-role`	core/configmaps	create · delete · get · list · patch · update · watch	High	ConfigMapAccess DataExposure InformationDisclosure PotentialPrivilegeEscalation Tampering
ClusterRole `edp-tekton-custom-task-default-role`	edp.epam.com/approvaltasks	create · delete · get · list · patch · update · watch	Low
ClusterRole `edp-tekton-custom-task-default-role`	edp.epam.com/approvaltasks/finalizers	update	Low
ClusterRole `edp-tekton-custom-task-default-role`	edp.epam.com/approvaltasks/status	get · patch · update	Low
ClusterRole `edp-tekton-custom-task-default-role`	tekton.dev/customruns	get · list · patch · update · watch	Low
ClusterRole `edp-tekton-custom-task-default-role`	tekton.dev/customruns/status	get · patch · update	Low
Role `edp-tekton-custom-task-leader-election-role`	core/events	create · patch	Low

The following security risks were found based on the above permissions:

Kind	Name	Container	Image
Deployment	tekton-custom-task	tekton-custom-task	epamedp/tekton-custom-task:0.2.0