Description

Official HashiCorp Vault Chart

Overview

IdentityNamespaceAutomountSecretsPermissionsWorkloadsRisk
vault-agent-injectordefault11Medium
vaultdefault01

Numbers in the last two columns indicate how many bindings or workloads involve each ServiceAccount.

Identities

🤖 vault-agent-injector

Namespace: default  |  Automount:

🔑 Permissions (1)

RoleResourceVerbsRiskTags
ClusterRole vault-agent-injector-clusterroleadmissionregistration.k8s.io/mutatingwebhookconfigurationsget · list · patch · watchMediumInformationDisclosure Reconnaissance WebhookReconnaissance

⚠️ Potential Abuse (2)

The following security risks were found based on the above permissions:

📦 Workloads (1)

KindNameContainerImage
Deploymentvault-agent-injectorsidecar-injectorhashicorp/vault-k8s:1.6.2

🤖 vault

Namespace: default  |  Automount:

🔑 Permissions (0)

No explicit RBAC bindings.

📦 Workloads (1)

KindNameContainerImage
StatefulSetvaultvaulthashicorp/vault:1.19.0