RBAC Atlas is a curated database of identities and the Role Based Access Control (RBAC) policies associated with them in popular Kubernetes open-source projects. Each entry includes security annotations that highlight granted permissions, potential risks, and possible abuse scenarios.

Why is RBAC important? RBAC is the final layer of defense in Kubernetes security. If workloads are compromised and an identity is stolen, a misconfigured or overly permissive RBAC policy (common with Operators) can enable attackers to move laterally within your cluster, potentially leading to a complete Kubernetes cluster takeover.

RBAC Atlas is a collaborative project created by Lenin Alevski, and contributions of additional RBAC rules are welcome.

🚀 Top Risks

informationdisclosure dataexposure configmapaccess tampering potentialprivilegeescalation credentialaccess secretaccess reconnaissance denialofservice clusterwidesecretaccess See All →

📦 Top Categories

operator monitoring kubernetes database prometheus cluster observability metrics metric sql edp storage redis metricsql timeseries tsdb victoriametrics gitlab postgres git See All →

📜 All Projects

All A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

etcd

v12.0.18
1 2 0

etcd is a distributed key-value store designed to securely store data across a cluster. etcd is widely used in production on account of its reliability, fault-tolerance and ease of use.