jenkins :: RBAC ATLAS

Description

Jenkins - Build great things at any scale! As the leading open source automation server, Jenkins provides over 2000 plugins to support building, deploying and automating any project.

Overview

Identity	Namespace	Automount	Secrets	Permissions	Workloads	Risk
`jenkins`	default	✅	—	6	2	High

Numbers in the last two columns indicate how many bindings or workloads involve each ServiceAccount.

Identities

🤖 `jenkins`

Namespace: default | Automount: ✅

🔑 Permissions (6)

Role	Resource	Verbs	Risk	Tags
Role `jenkins-schedule-agents`	core/pods	create · delete · deletecollection · get · list · patch · update · watch	High	LateralMovement Persistence PotentialPrivilegeEscalation Tampering WorkloadExecution
Role `jenkins-schedule-agents`	core/pods/exec	create · delete · deletecollection · get · list · patch · update · watch	High	CodeExecution LateralMovement PodExec PotentialPrivilegeEscalation
Role `jenkins-casc-reload`	core/configmaps	get · list · watch	Medium	ConfigMapAccess DataExposure InformationDisclosure
Role `jenkins-schedule-agents`	core/pods/log	get · list · watch	Medium	DataExposure InformationDisclosure LogAccess
Role `jenkins-schedule-agents`	core/events	get · list · watch	Low
Role `jenkins-schedule-agents`	core/persistentvolumeclaims	create · delete · deletecollection · get · list · patch · update · watch	Low

⚠️ Potential Abuse (6)

The following security risks were found based on the above permissions:

📦 Workloads (2)

Kind	Name	Container	Image
StatefulSet	jenkins	config-reload	docker.io/kiwigrid/k8s-sidecar:1.30.3
StatefulSet	jenkins	jenkins	docker.io/jenkins/jenkins:2.504.2-jdk21

jenkins