Agent Scope
Read-Only Access Model
The OpsWorker Kubernetes Agent operates in read-only mode. It gathers data for investigations but never modifies your cluster.
Allowed Operations
| Operation | Kubernetes Verbs | Examples |
|---|---|---|
| Get | get | Retrieve a specific resource by name |
| List | list | List resources in a namespace or cluster-wide |
| Watch | watch | Observe resource changes |
| Logs | get (pods/log) | Read container stdout/stderr |
Blocked Operations
The agent cannot perform any write operations:
| Operation | Kubernetes Verbs |
|---|---|
| Create | create |
| Update | update, patch |
| Delete | delete |
| Execute | create (pods/exec) |
Resources Accessed
| Resource | What's Read | What's Not Read |
|---|---|---|
| Pods | Status, spec, labels, annotations, logs | - |
| Deployments | Spec, status, replicas, strategy | - |
| Services | Spec, selectors, ports, endpoints | - |
| Ingresses | Rules, backends, TLS config | - |
| ConfigMaps | Contents (non-sensitive config) | - |
| Secrets | Metadata (name, labels, annotations) | Values are not accessible by default |
| Events | All event details | - |
| Nodes | Status, conditions, capacity | - |
| Namespaces | Names, labels, status | - |
Data That Leaves the Cluster
During an investigation, the following data is sent to OpsWorker's cloud for AI analysis:
- Resource metadata (names, labels, annotations, specs)
- Pod logs (recent container output)
- Kubernetes events
- Service endpoint status
- Resource configurations (sanitized)
Data That Stays in the Cluster
- Secret values: only Secret metadata (names, labels) is read. The agent binds to the built-in view ClusterRole, which does not grant access to Secret data; reading Secret values is opt-in and disabled by default.
- Raw filesystem data: the agent does not mount or read container filesystems
- Network traffic: the agent does not capture or inspect network traffic
Namespace Scoping
By default, the agent binds to the built-in view ClusterRole and can read resources across all namespaces. There is no chart toggle to limit it to specific namespaces; scoping requires hand-rolled Role/RoleBinding resources. See RBAC Configuration.
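The hand-rolled Role/RoleBinding that namespace scoping calls for, together with a check that such a Role stays inside the read-only model described in the Allowed and Blocked Operations tables, as an added Python example. This is not OpsWorker's code or chart output; the ServiceAccount name `opsworker-agent`, its namespace `opsworker`, the target namespace `payments` and the Role name `opsworker-agent-reader` are placeholders. The Role grants only get, list and watch on the resources listed under Resources Accessed and omits Secrets entirely, matching the default posture in which the view ClusterRole grants no Secret access. `audit_read_only` accepts any Role or ClusterRole as a dict (for instance `json.load` of `kubectl get role <name> -o json`) and reports verbs or resources outside that model.

```python
import json

# Verbs the read-only access model permits (from the Allowed Operations table).
ALLOWED_VERBS = {"get", "list", "watch"}

# Resources from the Resources Accessed table, grouped by Kubernetes API group.
# Secrets are deliberately left out: reading Secret values is opt-in and the
# default view ClusterRole grants no Secret access.
READ_RESOURCES = [
    ("", ["pods", "pods/log", "services", "endpoints", "configmaps", "events"]),
    ("apps", ["deployments"]),
    ("networking.k8s.io", ["ingresses"]),
]

# Resources that must never appear in an agent Role: exec/attach/port-forward
# (write paths into a container) and Secret data.
FORBIDDEN_RESOURCES = {"pods/exec", "pods/attach", "pods/portforward", "secrets"}


def build_scoped_role(namespace, sa_name, sa_namespace, role_name="opsworker-agent-reader"):
    """Return (Role, RoleBinding) dicts confining the agent's ServiceAccount to one namespace.

    All names are placeholders; the page does not name the agent's ServiceAccount.
    json.dumps of the result is a manifest kubectl apply accepts.
    """
    role = {
        "apiVersion": "rbac.authorization.k8s.io/v1",
        "kind": "Role",
        "metadata": {"name": role_name, "namespace": namespace},
        "rules": [
            {"apiGroups": [group], "resources": resources, "verbs": sorted(ALLOWED_VERBS)}
            for group, resources in READ_RESOURCES
        ],
    }
    binding = {
        "apiVersion": "rbac.authorization.k8s.io/v1",
        "kind": "RoleBinding",
        "metadata": {"name": f"{role_name}-binding", "namespace": namespace},
        "subjects": [{"kind": "ServiceAccount", "name": sa_name, "namespace": sa_namespace}],
        "roleRef": {"apiGroup": "rbac.authorization.k8s.io", "kind": "Role", "name": role_name},
    }
    return role, binding


def audit_read_only(role):
    """Return a list of violations of the read-only model for a Role/ClusterRole dict.

    An empty list means every rule uses only get/list/watch, no wildcard resources,
    and none of the forbidden resources.
    """
    violations = []
    for i, rule in enumerate(role.get("rules", [])):
        verbs = set(rule.get("verbs", []))
        resources = set(rule.get("resources", []))
        bad_verbs = verbs - ALLOWED_VERBS          # catches create/update/patch/delete and "*"
        if bad_verbs:
            violations.append(f"rule {i}: write/wildcard verbs {sorted(bad_verbs)}")
        if "*" in resources:
            violations.append(f"rule {i}: wildcard resource")
        for res in sorted(resources & FORBIDDEN_RESOURCES):
            violations.append(f"rule {i}: forbidden resource {res}")
    return violations


if __name__ == "__main__":
    role, binding = build_scoped_role("payments", "opsworker-agent", "opsworker")
    print(json.dumps([role, binding], indent=2))   # manifest for one namespace
    print("violations:", audit_read_only(role))    # expected: []
```

Bind one such Role per namespace the agent should see and do not bind the ServiceAccount to the view ClusterRole at the same time, or the cluster-wide grant still applies. Running `audit_read_only` over every Role bound to the agent's ServiceAccount after a chart upgrade is a cheap way to notice a grant that drifts beyond get/list/watch.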
Next Steps
- RBAC - Restrict agent access to specific namespaces
- Safe Execution Model - How recommendations work