RBAC Atlas is a curated database of identities and the Role Based Access Control (RBAC) policies associated with them in popular Kubernetes open-source projects. Each entry includes security annotations that highlight granted permissions, potential risks, and possible abuse scenarios.

Why is RBAC important? RBAC is the final layer of defense in Kubernetes security. If workloads are compromised and an identity is stolen, a misconfigured or overly permissive RBAC policy (common with Operators) can enable attackers to move laterally within your cluster, potentially leading to a complete Kubernetes cluster takeover.

RBAC Atlas is a collaborative project created by Lenin Alevski, and contributions of additional RBAC rules are welcome. Check out the source on GitHub: rbac-scope (the CLI tool) and rbac-atlas (this website).

🚀 Top Risks

informationdisclosure dataexposure configmapaccess tampering potentialprivilegeescalation secretaccess credentialaccess reconnaissance clusterwidesecretaccess denialofservice See All →

📦 Top Categories

monitoring operator kubernetes prometheus metric observability database edp alerting metrics timeseries metricsql tsdb victoriametrics ci kube-prometheus cluster argoproj gitops authentication See All →

📜 All Projects

All A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

harbor

v1.18.2
0 1 0

An open source trusted cloud native registry that stores, signs, and scans content

hazelcast-platform-operator

v5.17.0-snapshot
9 Critical 4 High 1 Medium 56 Low 1 1 70

A Helm chart for installing Hazelcast Platform Operator which automates common management tasks such as configuring, creating, scaling, and recovering Hazelcast clusters on Kubernetes and Red Hat OpenShift. By taking care of manual deployment and life-cycle management, Hazelcast Platform Operator makes it simpler to work with Hazelcast clusters.

#BindingToPrivilegedRole  #ClusterAdminAccess  #ClusterWideSecretAccess  (+24 more)