Description

The Kubedoop operator for Hbase

Overview

IdentityNamespaceAutomountSecretsPermissionsWorkloadsRisk
hbase-operatordefault81Critical

Numbers in the last two columns indicate how many bindings or workloads involve each ServiceAccount.


Identities

🤖 hbase-operator

Namespace: default  |  Automount:

🔑 Permissions (8)

RoleResourceVerbsRiskTags
ClusterRole hbase-operatorcore/configmapscreate · delete · get · list · patch · update · watchCriticalConfigMapAccess DataExposure InformationDisclosure PotentialPrivilegeEscalation Tampering
ClusterRole hbase-operatorcore/secretscreate · delete · get · list · patch · update · watchCriticalClusterWideSecretAccess CredentialAccess DataExposure InformationDisclosure Persistence (+4 more)
ClusterRole hbase-operatorcore/servicescreate · delete · get · list · patch · update · watchCriticalDenialOfService NetworkManipulation ServiceExposure Tampering
ClusterRole hbase-operatorapps/statefulsetscreate · delete · get · list · patch · update · watchCriticalPersistence PotentialPrivilegeEscalation PrivilegeEscalation Tampering WorkloadLifecycle
ClusterRole hbase-operatorauthentication.kubedoop.dev/authenticationclassesget · list · watchLow
ClusterRole hbase-operatorhbase.kubedoop.dev/hbaseclusterscreate · delete · get · list · patch · update · watchLow
ClusterRole hbase-operatorhbase.kubedoop.dev/hbaseclusters/finalizersupdateLow
ClusterRole hbase-operatorhbase.kubedoop.dev/hbaseclusters/statusget · patch · updateLow

⚠️ Potential Abuse (13)

The following security risks were found based on the above permissions:

📦 Workloads (1)

KindNameContainerImage
Deploymenthbase-operatorhbase-operatorquay.io/zncdatadev/hbase-operator:0.2.0