RBAC Atlas is a curated database of identities and the Role Based Access Control (RBAC) policies associated with them in popular Kubernetes open-source projects. Each entry includes security annotations that highlight granted permissions, potential risks, and possible abuse scenarios.

Why is RBAC important? RBAC is the final layer of defense in Kubernetes security. If workloads are compromised and an identity is stolen, a misconfigured or overly permissive RBAC policy (common with Operators) can enable attackers to move laterally within your cluster, potentially leading to a complete Kubernetes cluster takeover.

RBAC Atlas is a collaborative project created by Lenin Alevski, and contributions of additional RBAC rules are welcome. Check out the source on GitHub: rbac-scope (the CLI tool) and rbac-atlas (this website).

🚀 Top Risks

informationdisclosure dataexposure configmapaccess reconnaissance credentialaccess secretaccess clusterstructure tampering potentialprivilegeescalation clusterwidesecretaccess See All →

📦 Top Categories

monitoring operator prometheus kubernetes metric database cluster alerting gitops argoproj kube-prometheus observability argocd storage sql gitlab metrics http php web See All →

📜 All Projects

All A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

kafka

v32.4.3
2 1 0

Apache Kafka is a distributed streaming platform designed to build real-time pipelines and can be used as a message broker or as a replacement for a log aggregation solution for big data applications.

keycloak

v25.2.0
2 2 0

Keycloak is a high performance Java-based identity and access management solution. It lets developers add an authentication layer to their applications with minimum effort.

mariadb

v25.0.1
1 1 0

MariaDB is an open source, community-developed SQL database server that is widely in use around the world due to its enterprise features, flexibility, and collaboration with leading tech firms.