High-risk tools in Kubernetes
8 of the 45 tools in Kubernetes are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
- pods_exec (Execute): Execute a command in a Kubernetes Pod (shell access, run commands in container) in the current or provided namespace with the provided name and command
- pods_run (Execute): Run a Kubernetes Pod in the current or provided namespace with the provided container image and optional name
- resources_scale (Execute): Get or update the scale of a Kubernetes resource in the current cluster by providing its apiVersion, kind, name, and optionally the namespace. If the scale is set in the tool ca...
- tekton_pipeline_start (Execute): Start a Tekton Pipeline by creating a PipelineRun that references it
- tekton_pipelinerun_restart (Execute): Restart a Tekton PipelineRun by creating a new PipelineRun with the same spec
- tekton_task_start (Execute): Start a Tekton Task by creating a TaskRun that references it
- tekton_taskrun_restart (Execute): Restart a Tekton TaskRun by creating a new TaskRun with the same spec
- vm_lifecycle (Execute): Manage VirtualMachine lifecycle: start, stop, or restart a VM
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.