runtime-sensors
v101.3.1
1 Service Accounts
1 Workloads
29 Bindings
29 Low
Description
Helm chart for the deployment of JFrog Runtime Security Agents within a Kubernetes environment.
Overview
| Identity | Namespace | Automount | Secrets | Permissions | Workloads | Risk |
|---|---|---|---|---|---|---|
runtimesa | default | ❌ | — | 29 | 1 | Low |
Numbers in the last two columns indicate how many bindings or workloads involve each ServiceAccount.
Identities
🤖 runtimesa
Namespace: default | Automount: ❌
🔑 Permissions (29)
| Role | Resource | Verbs | Risk | Tags |
|---|---|---|---|---|
Role configmap-creator | core/configmaps | create · get · update | Low | |
ClusterRole runtime-view-default | apps/deployments | get · list · watch | Low | |
ClusterRole runtime-view-default | core/deployments | get · list · watch | Low | |
ClusterRole runtime-view-default | deployments/deployments | get · list · watch | Low | |
ClusterRole runtime-view-default | extensions/deployments | get · list · watch | Low | |
ClusterRole runtime-view-default | nodes/deployments | get · list · watch | Low | |
ClusterRole runtime-view-default | pods/deployments | get · list · watch | Low | |
ClusterRole runtime-view-default | v1/deployments | get · list · watch | Low | |
ClusterRole runtime-view-default | apps/nodes | get · list · watch | Low | |
ClusterRole runtime-view-default | core/nodes | get · list · watch | Low | |
ClusterRole runtime-view-default | deployments/nodes | get · list · watch | Low | |
ClusterRole runtime-view-default | extensions/nodes | get · list · watch | Low | |
ClusterRole runtime-view-default | nodes/nodes | get · list · watch | Low | |
ClusterRole runtime-view-default | pods/nodes | get · list · watch | Low | |
ClusterRole runtime-view-default | v1/nodes | get · list · watch | Low | |
ClusterRole runtime-view-default | apps/pods | get · list · watch | Low | |
ClusterRole runtime-view-default | core/pods | get · list · watch | Low | |
ClusterRole runtime-view-default | deployments/pods | get · list · watch | Low | |
ClusterRole runtime-view-default | extensions/pods | get · list · watch | Low | |
ClusterRole runtime-view-default | nodes/pods | get · list · watch | Low | |
ClusterRole runtime-view-default | pods/pods | get · list · watch | Low | |
ClusterRole runtime-view-default | v1/pods | get · list · watch | Low | |
ClusterRole runtime-view-default | apps/replicationcontrollers | get · list · watch | Low | |
ClusterRole runtime-view-default | core/replicationcontrollers | get · list · watch | Low | |
ClusterRole runtime-view-default | deployments/replicationcontrollers | get · list · watch | Low | |
ClusterRole runtime-view-default | extensions/replicationcontrollers | get · list · watch | Low | |
ClusterRole runtime-view-default | nodes/replicationcontrollers | get · list · watch | Low | |
ClusterRole runtime-view-default | pods/replicationcontrollers | get · list · watch | Low | |
ClusterRole runtime-view-default | v1/replicationcontrollers | get · list · watch | Low |
⚠️ Potential Abuse (1)
The following security risks were found based on the above permissions:
📦 Workloads (1)
| Kind | Name | Container | Image |
|---|---|---|---|
| Deployment | jfs-runtime-controller | jfs-runtime-controller | releases-docker.jfrog.io/jfrog/runtime-k8s-controller:1.3.1 |