RBAC Atlas is a curated database of identities and the Role Based Access Control (RBAC) policies associated with them in popular Kubernetes open-source projects. Each entry includes security annotations that highlight granted permissions, potential risks, and possible abuse scenarios.

Why is RBAC important? RBAC is the final layer of defense in Kubernetes security. If workloads are compromised and an identity is stolen, a misconfigured or overly permissive RBAC policy (common with Operators) can enable attackers to move laterally within your cluster, potentially leading to a complete Kubernetes cluster takeover.

RBAC Atlas is a collaborative project created by Lenin Alevski, and contributions of additional RBAC rules are welcome.

🚀 Top Risks

informationdisclosure reconnaissance dataexposure configmapaccess potentialprivilegeescalation tampering credentialaccess clusterstructure secretaccess clusterwidesecretaccess See All →

📦 Top Categories

database operator cluster sql storage argocd argoproj gitops kube-prometheus kubernetes postgres postgresql prometheus consumer ingress kafka keyvalue monitoring producer redis See All →

📜 All Projects

All A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

postgresql

v16.7.10
1 1 0

PostgreSQL (Postgres) is an open source object-relational database known for reliability and data integrity. ACID-compliant, it supports foreign keys, joins, views, triggers and stored procedures.

#letter-P 

rabbitmq

v16.0.7
1 1 0

RabbitMQ is an open source general-purpose message broker that is designed for consistent, highly-available messaging scenarios (both synchronous and asynchronous).

#letter-R 

redis

v21.2.1
2 2 0

Redis(R) is an open source, advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets.

#letter-R