velero :: RBAC ATLAS

Description

A Helm chart for velero

Identity	Namespace	Automount	Secrets	Permissions	Workloads	Risk
`velero-server`	default	✅	—	1	1	Critical
`velero-server-upgrade-crds`	default	✅	—	1	1	Low

Numbers in the last two columns indicate how many bindings or workloads involve each ServiceAccount.

Namespace: default | Automount: ✅

Role	Resource	Verbs	Risk	Tags
Role `velero-server`	/	*	Critical	AvailabilityImpact BindingToPrivilegedRole CodeExecution ConfigMapAccess ControlPlaneDisruption (+40 more)

The following security risks were found based on the above permissions:

Kind	Name	Container	Image
Deployment	velero	velero	velero/velero:v1.16.1

Namespace: default | Automount: ✅

Role	Resource	Verbs	Risk	Tags
ClusterRole `velero-upgrade-crds`	apiextensions.k8s.io/customresourcedefinitions	create · get · list · patch · update	Low

The following security risks were found based on the above permissions:

Kind	Name	Container	Image
Job	velero-upgrade-crds	velero	velero/velero:v1.16.1