promtail
v6.17.0
1 Service Accounts
1 Workloads
5 Bindings
5 Low
Description
Promtail is an agent which ships the contents of local logs to a Loki instance
Overview
| Identity | Namespace | Automount | Secrets | Permissions | Workloads | Risk |
|---|---|---|---|---|---|---|
promtail | default | ✅ | — | 5 | 1 | Low |
Numbers in the last two columns indicate how many bindings or workloads involve each ServiceAccount.
Identities
🤖 promtail
Namespace: default | Automount: ✅
🔑 Permissions (5)
| Role | Resource | Verbs | Risk | Tags |
|---|---|---|---|---|
ClusterRole promtail | core/endpoints | get · list · watch | Low | |
ClusterRole promtail | core/nodes | get · list · watch | Low | |
ClusterRole promtail | core/nodes/proxy | get · list · watch | Low | |
ClusterRole promtail | core/pods | get · list · watch | Low | |
ClusterRole promtail | core/services | get · list · watch | Low |
⚠️ Potential Abuse (1)
The following security risks were found based on the above permissions:
📦 Workloads (1)
| Kind | Name | Container | Image |
|---|---|---|---|
| DaemonSet | promtail | promtail | docker.io/grafana/promtail:3.5.1 |