RBAC Atlas is a curated database of identities and the Role Based Access Control (RBAC) policies associated with them in popular Kubernetes open-source projects. Each entry includes security annotations that highlight granted permissions, potential risks, and possible abuse scenarios.
Why is RBAC important? RBAC is the final layer of defense in Kubernetes security. If workloads are compromised and an identity is stolen, a misconfigured or overly permissive RBAC policy (common with Operators) can enable attackers to move laterally within your cluster, potentially leading to a complete Kubernetes cluster takeover.
RBAC Atlas is a collaborative project created by Lenin Alevski, and contributions of additional RBAC rules are welcome. Check out the source on GitHub: rbac-scope (the CLI tool) and rbac-atlas (this website).
monitoring operator kubernetes prometheus metric observability database edp alerting metrics timeseries metricsql tsdb victoriametrics ci kube-prometheus cluster argoproj gitops authentication See All →
kube-prometheus-stack collects Kubernetes manifests, Grafana dashboards, and Prometheus rules combined with documentation and scripts to provide easy to operate end-to-end Kubernetes cluster monitoring with Prometheus using the Prometheus Operator.
Install kube-state-metrics to generate and expose cluster-level metrics
General-purpose web UI for Kubernetes clusters
KubeStash, Kubernetes native backup operator by AppsCode
KubeVault Operator by AppsCode - HashiCorp Vault operator for Kubernetes
A Helm chart for Kubevious
A Helm chart for kured
Kubernetes Native Policy Management
A Helm chart for Lightrun k8s operator
Kubernetes operator for managing Limitador instances, a rate limiting service to protect your APIs.
