Agent Scope

Read-Only Access Model

The OpsWorker Kubernetes Agent operates in read-only mode. It gathers data for investigations but never modifies your cluster.

Allowed Operations

Operation   Kubernetes Verbs   Examples
Get         get                Retrieve a specific resource by name
List        list               List resources in a namespace or cluster-wide
Watch       watch              Observe resource changes
Logs        get (pods/log)     Read container stdout/stderr

Blocked Operations

The agent cannot perform any write operations:

Operation   Kubernetes Verbs
Create      create
Update      update, patch
Delete      delete
Execute     create (pods/exec)

Resources Accessed

Resource      What's Read                                What's Not Read
Pods          Status, spec, labels, annotations, logs    -
Deployments   Spec, status, replicas, strategy           -
Services      Spec, selectors, ports, endpoints          -
Ingresses     Rules, backends, TLS config                -
ConfigMaps    Contents (non-sensitive config)            -
Secrets       Metadata (name, labels, annotations)       Values are not accessible by default
Events        All event details                          -
Nodes         Status, conditions, capacity               -
Namespaces    Names, labels, status                      -

Data That Leaves the Cluster

During an investigation, the following data is sent to OpsWorker's cloud for AI analysis:

  • Resource metadata (names, labels, annotations, specs)
  • Pod logs (recent container output)
  • Kubernetes events
  • Service endpoint status
  • Resource configurations (sanitized)

Data That Stays in the Cluster

  • Secret values: only Secret metadata (names, labels) is read. The agent binds to the built-in view ClusterRole, which does not grant access to Secret data; reading Secret values is opt-in and disabled by default.
  • Raw filesystem data: the agent does not mount or read container filesystems.
  • Network traffic: the agent does not capture or inspect network traffic.

Namespace Scoping

By default, the agent binds to the built-in view ClusterRole and can read resources across all namespaces. There is no chart toggle to limit it to specific namespaces; scoping requires hand-rolled Role/RoleBinding resources. See RBAC Configuration.
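A namespaced alternative to the cluster-wide view binding, added here as an example and not taken from the OpsWorker chart or documentation: a Role that grants only the verbs listed under Allowed Operations on the resources listed under Resources Accessed, bound to the agent's service account. The target namespace "payments", the service-account name "opsworker-agent" and its namespace "opsworker" are assumptions; substitute your own.

```yaml
# Added example (not OpsWorker's own manifest). Read-only access for the agent
# limited to one namespace. Assumed names: namespace "payments", service account
# "opsworker-agent" living in namespace "opsworker".
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: opsworker-agent-readonly
  namespace: payments
rules:
  # Core-group resources from the "Resources Accessed" table. Secrets are
  # deliberately omitted: RBAC cannot grant metadata-only reads of Secrets,
  # and the built-in view ClusterRole does not grant them either.
  - apiGroups: [""]
    resources: ["pods", "services", "endpoints", "configmaps", "events"]
    verbs: ["get", "list", "watch"]
  # Container stdout/stderr (the "Logs" row). No pods/exec, no pods/portforward,
  # so the "Execute" row stays blocked.
  - apiGroups: [""]
    resources: ["pods/log"]
    verbs: ["get"]
  - apiGroups: ["apps"]
    resources: ["deployments", "replicasets"]
    verbs: ["get", "list", "watch"]
  - apiGroups: ["networking.k8s.io"]
    resources: ["ingresses"]
    verbs: ["get", "list", "watch"]
  # Nodes and Namespaces are cluster-scoped and cannot be granted by a
  # namespaced Role; a ClusterRole with get/list/watch is needed for those rows.
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: opsworker-agent-readonly
  namespace: payments
subjects:
  - kind: ServiceAccount
    name: opsworker-agent
    namespace: opsworker
roleRef:
  kind: Role
  name: opsworker-agent-readonly
  apiGroup: rbac.authorization.k8s.io
```

Scoping only takes effect if the chart's default binding to the view ClusterRole is not also applied; confirm with `kubectl auth can-i list pods -n some-other-namespace --as=system:serviceaccount:opsworker:opsworker-agent`, which should answer "no".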
