Agent Scope

Read-Only Access Model

The OpsWorker Kubernetes Agent operates in read-only mode. It gathers data for investigations but never modifies your cluster.

Allowed Operations

Operation	Kubernetes Verbs	Examples
Get	get	Retrieve a specific resource by name
List	list	List resources in a namespace or cluster-wide
Watch	watch	Observe resource changes
Logs	get (pods/log)	Read container stdout/stderr

Blocked Operations

The agent cannot perform any write operations:

Operation	Kubernetes Verbs
Create	create
Update	update, patch
Delete	delete
Execute	create (pods/exec)

Resources Accessed

Resource	What's Read	What's Not Read
Pods	Status, spec, labels, annotations, logs	—
Deployments	Spec, status, replicas, strategy	—
Services	Spec, selectors, ports, endpoints	—
Ingresses	Rules, backends, TLS config	—
ConfigMaps	Contents (non-sensitive config)	—
Secrets	Metadata (name, labels, annotations)	Values are never read
Events	All event details	—
Nodes	Status, conditions, capacity	—
Namespaces	Names, labels, status	—

Data That Leaves the Cluster

During an investigation, the following data is sent to OpsWorker's cloud for AI analysis:

• Resource metadata (names, labels, annotations, specs)
• Pod logs (recent container output)
• Kubernetes events
• Service endpoint status
• Resource configurations (sanitized)

Data That Stays in the Cluster

• Secret values — Only secret metadata (names, labels) is read; values never leave the cluster
• Raw filesystem data — The agent doesn't mount or read container filesystems
• Network traffic — The agent doesn't capture or inspect network traffic

Namespace Scoping

By default, the agent can access resources across all namespaces. You can restrict access to specific namespaces using RBAC. See RBAC Configuration.

Next Steps

• RBAC — Restrict agent access to specific namespaces
• Safe Execution Model — How recommendations work