RBAC Atlas is a curated database of identities and the Role Based Access Control (RBAC) policies associated with them in popular Kubernetes open-source projects. Each entry includes security annotations that highlight granted permissions, potential risks, and possible abuse scenarios.

Why is RBAC important? RBAC is the final layer of defense in Kubernetes security. If workloads are compromised and an identity is stolen, a misconfigured or overly permissive RBAC policy (common with Operators) can enable attackers to move laterally within your cluster, potentially leading to a complete Kubernetes cluster takeover.

RBAC Atlas is a collaborative project created by Lenin Alevski, and contributions of additional RBAC rules are welcome.

🚀 Top Risks

informationdisclosure dataexposure tampering potentialprivilegeescalation configmapaccess reconnaissance credentialaccess secretaccess denialofservice persistence See All →

📦 Top Categories

operator monitoring kubernetes prometheus database cluster metrics observability metric storage sql metricsql timeseries tsdb victoriametrics gitlab postgres security alerting argoproj See All →

📜 All Projects

All A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

minio

v17.0.11
1 1 0

MinIO(R) is an object storage server, compatible with Amazon S3 cloud storage service, mainly used for storing unstructured data (such as photos, videos, log files, etc.).

mysql

v13.0.3
1 1 0

MySQL is a fast, reliable, scalable, and easy to use open source relational database system. Designed to handle mission-critical, heavy-load production applications.

nextcloud

v7.0.0
4 6 0

A file sharing server that puts the control and security of your own data back into your hands.