{
 "cells": [
  {
   "cell_type": "code",
   "execution_count": 1,
   "id": "9b75c9a1-99f3-42be-913c-2e38e0191a19",
   "metadata": {},
   "outputs": [],
   "source": [
    "from attacktree.models import Action, Block, Detect, Discovery, Edge, Root, Goal\n",
    "from attacktree.renderer import Renderer\n",
    "\n",
    "root = Root(\"Signed up to Azure\")\n",
    "goal = Goal(\"Access to other tenants data\")"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 2,
   "id": "e3e671e0-4f6d-4acf-af95-29bb6029a607",
   "metadata": {},
   "outputs": [
    {
     "data": {
      "text/plain": [
       "Goal:4374765040"
      ]
     },
     "execution_count": 2,
     "metadata": {},
     "output_type": "execute_result"
    }
   ],
   "source": [
    "# Direct path\n",
    "whoC = root.add(Action(\"Deploy WhoC container to view runtime\"))\n",
    "omgRunC = whoC.discover(\"OLD runc version 1.0.0-r2\")\n",
    "exploit = omgRunC.action(\"Deploy exploit container for CVE-2019-5736\")\n",
    "shell = Root(\"Reverse shell on worker node\")\n",
    "exploit.add(shell)\n",
    "creds = shell.discover(\"Read kubelet credentials from disk\")\n",
    "\n",
    "describePods = creds.action(\"Call KubeAPI describe pods\")\n",
    "pods = describePods.discover(\"100+ customer pods on 120 nodes\\nEach customer has their own namespace\")\n",
    "versions = describePods.discover(\"OLD Kubernetes versions v1.8.4, v1.9.10, v1.10.9\")\n",
    "anonymousAccess = describePods.discover(\"Kubelets run with anonymous access\")\n",
    "\n",
    "otherKubelet = anonymousAccess.action(\"Access another customer's kubelet\")\n",
    "blockedbyFirewall = otherKubelet.block(\"Blocked by firewall\", implemented=True)\n",
    "\n",
    "cve = versions.discover(\"CVE-2018-1002102 kube-api follows 302 redirect\")\n",
    "exploit2 = cve.action(\"Attempt to redirect to kube-api pod\")\n",
    "fail = exploit2.block(\"ACI uses a 'bridge' POD which is not impacted by this issue\",implemented=True)\n",
    "\n",
    "interesting = exploit2.discover(\"ServiceAccount in 'AuthorizationHeader' of Exec requests\")\n",
    "bridgeToken = interesting.discover(\"Decoded JWT shows this token belongs to 'bridge' service\")\n",
    "\n",
    "accessReview = bridgeToken.action(\"Call SelfSubjectAccessReview with 'bridge' token\")\n",
    "privs = accessReview.discover(\"Cluster-wide permissions\\npods/exec privilege\")\n",
    "\n",
    "gameOver = privs.action(\"Exec into shell on kube-API\")\n",
    "gameOver.add(goal)\n"
   ]
  },
  {
   "cell_type": "code",
   "execution_count": 3,
   "id": "34a4cab6-51ec-444e-a286-e979c869e3fb",
   "metadata": {},
   "outputs": [
    {
     "data": {
      "image/svg+xml": [
       "<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"no\"?>\n",
       "<!DOCTYPE svg PUBLIC \"-//W3C//DTD SVG 1.1//EN\"\n",
       " \"http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd\">\n",
       "<!-- Generated by graphviz version 2.47.1~dev.20210322.1530 (20210322.1530)\n",
       " -->\n",
       "<!-- Pages: 1 -->\n",
       "<svg width=\"1028pt\" height=\"1373pt\"\n",
       " viewBox=\"0.00 0.00 1028.00 1373.00\" xmlns=\"http://www.w3.org/2000/svg\" xmlns:xlink=\"http://www.w3.org/1999/xlink\">\n",
       "<g id=\"graph0\" class=\"graph\" transform=\"scale(1 1) rotate(0) translate(4 1369)\">\n",
       "<polygon fill=\"white\" stroke=\"transparent\" points=\"-4,4 -4,-1369 1024,-1369 1024,4 -4,4\"/>\n",
       "<!-- 100be65501814e69952ff4f586e2548c -->\n",
       "<g id=\"node1\" class=\"node\">\n",
       "<title>100be65501814e69952ff4f586e2548c</title>\n",
       "<path fill=\"#03fc9d\" stroke=\"#03fc9d\" d=\"M515.5,-1365C515.5,-1365 396.5,-1365 396.5,-1365 390.5,-1365 384.5,-1359 384.5,-1353 384.5,-1353 384.5,-1334 384.5,-1334 384.5,-1328 390.5,-1322 396.5,-1322 396.5,-1322 515.5,-1322 515.5,-1322 521.5,-1322 527.5,-1328 527.5,-1334 527.5,-1334 527.5,-1353 527.5,-1353 527.5,-1359 521.5,-1365 515.5,-1365\"/>\n",
       "<text text-anchor=\"middle\" x=\"456\" y=\"-1339.8\" font-family=\"Arial\" font-size=\"14.00\">Signed up to Azure</text>\n",
       "</g>\n",
       "<!-- 22ca9af3cb9f4ebf928389525202540b -->\n",
       "<g id=\"node2\" class=\"node\">\n",
       "<title>22ca9af3cb9f4ebf928389525202540b</title>\n",
       "<path fill=\"#ff5c5c\" stroke=\"transparent\" d=\"M577.5,-1277C577.5,-1277 334.5,-1277 334.5,-1277 328.5,-1277 322.5,-1271 322.5,-1265 322.5,-1265 322.5,-1246 322.5,-1246 322.5,-1240 328.5,-1234 334.5,-1234 334.5,-1234 577.5,-1234 577.5,-1234 583.5,-1234 589.5,-1240 589.5,-1246 589.5,-1246 589.5,-1265 589.5,-1265 589.5,-1271 583.5,-1277 577.5,-1277\"/>\n",
       "<text text-anchor=\"middle\" x=\"456\" y=\"-1251.8\" font-family=\"Arial\" font-size=\"14.00\">Deploy WhoC container to view runtime</text>\n",
       "</g>\n",
       "<!-- 100be65501814e69952ff4f586e2548c&#45;&gt;22ca9af3cb9f4ebf928389525202540b -->\n",
       "<g id=\"edge1\" class=\"edge\">\n",
       "<title>100be65501814e69952ff4f586e2548c&#45;&gt;22ca9af3cb9f4ebf928389525202540b</title>\n",
       "<path fill=\"none\" stroke=\"#1f1f1f\" d=\"M456,-1321.68C456,-1311.33 456,-1298.62 456,-1287.17\"/>\n",
       "<polygon fill=\"#1f1f1f\" stroke=\"#1f1f1f\" points=\"459.5,-1287.13 456,-1277.13 452.5,-1287.13 459.5,-1287.13\"/>\n",
       "<text text-anchor=\"middle\" x=\"470\" y=\"-1295.8\" font-family=\"Arial\" font-size=\"14.00\">Next</text>\n",
       "</g>\n",
       "<!-- 329f8a2fe4fa41d7a46f7369644e8a42 -->\n",
       "<g id=\"node3\" class=\"node\">\n",
       "<title>329f8a2fe4fa41d7a46f7369644e8a42</title>\n",
       "<path fill=\"#ffdc5c\" stroke=\"#ffdc5c\" d=\"M536.5,-1189C536.5,-1189 375.5,-1189 375.5,-1189 369.5,-1189 363.5,-1183 363.5,-1177 363.5,-1177 363.5,-1158 363.5,-1158 363.5,-1152 369.5,-1146 375.5,-1146 375.5,-1146 536.5,-1146 536.5,-1146 542.5,-1146 548.5,-1152 548.5,-1158 548.5,-1158 548.5,-1177 548.5,-1177 548.5,-1183 542.5,-1189 536.5,-1189\"/>\n",
       "<text text-anchor=\"middle\" x=\"456\" y=\"-1163.8\" font-family=\"Arial\" font-size=\"14.00\">OLD runc version 1.0.0&#45;r2</text>\n",
       "</g>\n",
       "<!-- 22ca9af3cb9f4ebf928389525202540b&#45;&gt;329f8a2fe4fa41d7a46f7369644e8a42 -->\n",
       "<g id=\"edge2\" class=\"edge\">\n",
       "<title>22ca9af3cb9f4ebf928389525202540b&#45;&gt;329f8a2fe4fa41d7a46f7369644e8a42</title>\n",
       "<path fill=\"none\" stroke=\"#1f1f1f\" d=\"M456,-1233.68C456,-1223.33 456,-1210.62 456,-1199.17\"/>\n",
       "<polygon fill=\"#1f1f1f\" stroke=\"#1f1f1f\" points=\"459.5,-1199.13 456,-1189.13 452.5,-1199.13 459.5,-1199.13\"/>\n",
       "<text text-anchor=\"middle\" x=\"473.5\" y=\"-1207.8\" font-family=\"Arial\" font-size=\"14.00\">Learn</text>\n",
       "</g>\n",
       "<!-- 7797cc26499f40728bc49d61b4ef4672 -->\n",
       "<g id=\"node4\" class=\"node\">\n",
       "<title>7797cc26499f40728bc49d61b4ef4672</title>\n",
       "<path fill=\"#ff5c5c\" stroke=\"transparent\" d=\"M590.5,-1101C590.5,-1101 321.5,-1101 321.5,-1101 315.5,-1101 309.5,-1095 309.5,-1089 309.5,-1089 309.5,-1070 309.5,-1070 309.5,-1064 315.5,-1058 321.5,-1058 321.5,-1058 590.5,-1058 590.5,-1058 596.5,-1058 602.5,-1064 602.5,-1070 602.5,-1070 602.5,-1089 602.5,-1089 602.5,-1095 596.5,-1101 590.5,-1101\"/>\n",
       "<text text-anchor=\"middle\" x=\"456\" y=\"-1075.8\" font-family=\"Arial\" font-size=\"14.00\">Deploy exploit container for CVE&#45;2019&#45;5736</text>\n",
       "</g>\n",
       "<!-- 329f8a2fe4fa41d7a46f7369644e8a42&#45;&gt;7797cc26499f40728bc49d61b4ef4672 -->\n",
       "<g id=\"edge3\" class=\"edge\">\n",
       "<title>329f8a2fe4fa41d7a46f7369644e8a42&#45;&gt;7797cc26499f40728bc49d61b4ef4672</title>\n",
       "<path fill=\"none\" stroke=\"#1f1f1f\" d=\"M456,-1145.68C456,-1135.33 456,-1122.62 456,-1111.17\"/>\n",
       "<polygon fill=\"#1f1f1f\" stroke=\"#1f1f1f\" points=\"459.5,-1111.13 456,-1101.13 452.5,-1111.13 459.5,-1111.13\"/>\n",
       "<text text-anchor=\"middle\" x=\"470\" y=\"-1119.8\" font-family=\"Arial\" font-size=\"14.00\">Next</text>\n",
       "</g>\n",
       "<!-- 7bfd0e4162234ec98266f4c3a2bba654 -->\n",
       "<g id=\"node5\" class=\"node\">\n",
       "<title>7bfd0e4162234ec98266f4c3a2bba654</title>\n",
       "<path fill=\"#03fc9d\" stroke=\"#03fc9d\" d=\"M547.5,-1027C547.5,-1027 364.5,-1027 364.5,-1027 358.5,-1027 352.5,-1021 352.5,-1015 352.5,-1015 352.5,-996 352.5,-996 352.5,-990 358.5,-984 364.5,-984 364.5,-984 547.5,-984 547.5,-984 553.5,-984 559.5,-990 559.5,-996 559.5,-996 559.5,-1015 559.5,-1015 559.5,-1021 553.5,-1027 547.5,-1027\"/>\n",
       "<text text-anchor=\"middle\" x=\"456\" y=\"-1001.8\" font-family=\"Arial\" font-size=\"14.00\">Reverse shell on worker node</text>\n",
       "</g>\n",
       "<!-- 7797cc26499f40728bc49d61b4ef4672&#45;&gt;7bfd0e4162234ec98266f4c3a2bba654 -->\n",
       "<g id=\"edge4\" class=\"edge\">\n",
       "<title>7797cc26499f40728bc49d61b4ef4672&#45;&gt;7bfd0e4162234ec98266f4c3a2bba654</title>\n",
       "<path fill=\"none\" stroke=\"#1f1f1f\" d=\"M456,-1057.67C456,-1051.35 456,-1044.26 456,-1037.43\"/>\n",
       "<polygon fill=\"#1f1f1f\" stroke=\"#1f1f1f\" points=\"459.5,-1037.03 456,-1027.03 452.5,-1037.03 459.5,-1037.03\"/>\n",
       "</g>\n",
       "<!-- b669ca7a2ba64192b6576c8c344a7db3 -->\n",
       "<g id=\"node6\" class=\"node\">\n",
       "<title>b669ca7a2ba64192b6576c8c344a7db3</title>\n",
       "<path fill=\"#ffdc5c\" stroke=\"#ffdc5c\" d=\"M562,-939C562,-939 350,-939 350,-939 344,-939 338,-933 338,-927 338,-927 338,-908 338,-908 338,-902 344,-896 350,-896 350,-896 562,-896 562,-896 568,-896 574,-902 574,-908 574,-908 574,-927 574,-927 574,-933 568,-939 562,-939\"/>\n",
       "<text text-anchor=\"middle\" x=\"456\" y=\"-913.8\" font-family=\"Arial\" font-size=\"14.00\">Read kubelet credentials from disk</text>\n",
       "</g>\n",
       "<!-- 7bfd0e4162234ec98266f4c3a2bba654&#45;&gt;b669ca7a2ba64192b6576c8c344a7db3 -->\n",
       "<g id=\"edge5\" class=\"edge\">\n",
       "<title>7bfd0e4162234ec98266f4c3a2bba654&#45;&gt;b669ca7a2ba64192b6576c8c344a7db3</title>\n",
       "<path fill=\"none\" stroke=\"#1f1f1f\" d=\"M456,-983.68C456,-973.33 456,-960.62 456,-949.17\"/>\n",
       "<polygon fill=\"#1f1f1f\" stroke=\"#1f1f1f\" points=\"459.5,-949.13 456,-939.13 452.5,-949.13 459.5,-949.13\"/>\n",
       "<text text-anchor=\"middle\" x=\"473.5\" y=\"-957.8\" font-family=\"Arial\" font-size=\"14.00\">Learn</text>\n",
       "</g>\n",
       "<!-- 3575bdd3de2540e9a789795ed78020d8 -->\n",
       "<g id=\"node7\" class=\"node\">\n",
       "<title>3575bdd3de2540e9a789795ed78020d8</title>\n",
       "<path fill=\"#ff5c5c\" stroke=\"transparent\" d=\"M542.5,-851C542.5,-851 369.5,-851 369.5,-851 363.5,-851 357.5,-845 357.5,-839 357.5,-839 357.5,-820 357.5,-820 357.5,-814 363.5,-808 369.5,-808 369.5,-808 542.5,-808 542.5,-808 548.5,-808 554.5,-814 554.5,-820 554.5,-820 554.5,-839 554.5,-839 554.5,-845 548.5,-851 542.5,-851\"/>\n",
       "<text text-anchor=\"middle\" x=\"456\" y=\"-825.8\" font-family=\"Arial\" font-size=\"14.00\">Call KubeAPI describe pods</text>\n",
       "</g>\n",
       "<!-- b669ca7a2ba64192b6576c8c344a7db3&#45;&gt;3575bdd3de2540e9a789795ed78020d8 -->\n",
       "<g id=\"edge6\" class=\"edge\">\n",
       "<title>b669ca7a2ba64192b6576c8c344a7db3&#45;&gt;3575bdd3de2540e9a789795ed78020d8</title>\n",
       "<path fill=\"none\" stroke=\"#1f1f1f\" d=\"M456,-895.68C456,-885.33 456,-872.62 456,-861.17\"/>\n",
       "<polygon fill=\"#1f1f1f\" stroke=\"#1f1f1f\" points=\"459.5,-861.13 456,-851.13 452.5,-861.13 459.5,-861.13\"/>\n",
       "<text text-anchor=\"middle\" x=\"470\" y=\"-869.8\" font-family=\"Arial\" font-size=\"14.00\">Next</text>\n",
       "</g>\n",
       "<!-- 6f32932f97654639a6be71f020f8472e -->\n",
       "<g id=\"node8\" class=\"node\">\n",
       "<title>6f32932f97654639a6be71f020f8472e</title>\n",
       "<path fill=\"#ffdc5c\" stroke=\"#ffdc5c\" d=\"M266,-763C266,-763 12,-763 12,-763 6,-763 0,-757 0,-751 0,-751 0,-717 0,-717 0,-711 6,-705 12,-705 12,-705 266,-705 266,-705 272,-705 278,-711 278,-717 278,-717 278,-751 278,-751 278,-757 272,-763 266,-763\"/>\n",
       "<text text-anchor=\"middle\" x=\"139\" y=\"-737.8\" font-family=\"Arial\" font-size=\"14.00\">100+ customer pods on 120 nodes</text>\n",
       "<text text-anchor=\"middle\" x=\"139\" y=\"-722.8\" font-family=\"Arial\" font-size=\"14.00\">Each customer has their own namespace</text>\n",
       "</g>\n",
       "<!-- 3575bdd3de2540e9a789795ed78020d8&#45;&gt;6f32932f97654639a6be71f020f8472e -->\n",
       "<g id=\"edge7\" class=\"edge\">\n",
       "<title>3575bdd3de2540e9a789795ed78020d8&#45;&gt;6f32932f97654639a6be71f020f8472e</title>\n",
       "<path fill=\"none\" stroke=\"#1f1f1f\" d=\"M386.43,-807.98C344.66,-795.66 290.7,-779.75 243.84,-765.92\"/>\n",
       "<polygon fill=\"#1f1f1f\" stroke=\"#1f1f1f\" points=\"244.54,-762.48 233.96,-763.01 242.56,-769.19 244.54,-762.48\"/>\n",
       "<text text-anchor=\"middle\" x=\"353.5\" y=\"-781.8\" font-family=\"Arial\" font-size=\"14.00\">Learn</text>\n",
       "</g>\n",
       "<!-- 080addb50de6451e8ca9e837296a4aad -->\n",
       "<g id=\"node9\" class=\"node\">\n",
       "<title>080addb50de6451e8ca9e837296a4aad</title>\n",
       "<path fill=\"#ffdc5c\" stroke=\"#ffdc5c\" d=\"M608,-755.5C608,-755.5 304,-755.5 304,-755.5 298,-755.5 292,-749.5 292,-743.5 292,-743.5 292,-724.5 292,-724.5 292,-718.5 298,-712.5 304,-712.5 304,-712.5 608,-712.5 608,-712.5 614,-712.5 620,-718.5 620,-724.5 620,-724.5 620,-743.5 620,-743.5 620,-749.5 614,-755.5 608,-755.5\"/>\n",
       "<text text-anchor=\"middle\" x=\"456\" y=\"-730.3\" font-family=\"Arial\" font-size=\"14.00\">OLD Kubernetes versions v1.8.4, v1.9.10, v1.10.9</text>\n",
       "</g>\n",
       "<!-- 3575bdd3de2540e9a789795ed78020d8&#45;&gt;080addb50de6451e8ca9e837296a4aad -->\n",
       "<g id=\"edge8\" class=\"edge\">\n",
       "<title>3575bdd3de2540e9a789795ed78020d8&#45;&gt;080addb50de6451e8ca9e837296a4aad</title>\n",
       "<path fill=\"none\" stroke=\"#1f1f1f\" d=\"M456,-807.75C456,-795.4 456,-779.51 456,-765.73\"/>\n",
       "<polygon fill=\"#1f1f1f\" stroke=\"#1f1f1f\" points=\"459.5,-765.69 456,-755.69 452.5,-765.69 459.5,-765.69\"/>\n",
       "<text text-anchor=\"middle\" x=\"473.5\" y=\"-781.8\" font-family=\"Arial\" font-size=\"14.00\">Learn</text>\n",
       "</g>\n",
       "<!-- 8df5eeffaa47491da8f05210fae4e053 -->\n",
       "<g id=\"node19\" class=\"node\">\n",
       "<title>8df5eeffaa47491da8f05210fae4e053</title>\n",
       "<path fill=\"#ffdc5c\" stroke=\"#ffdc5c\" d=\"M874,-755.5C874,-755.5 646,-755.5 646,-755.5 640,-755.5 634,-749.5 634,-743.5 634,-743.5 634,-724.5 634,-724.5 634,-718.5 640,-712.5 646,-712.5 646,-712.5 874,-712.5 874,-712.5 880,-712.5 886,-718.5 886,-724.5 886,-724.5 886,-743.5 886,-743.5 886,-749.5 880,-755.5 874,-755.5\"/>\n",
       "<text text-anchor=\"middle\" x=\"760\" y=\"-730.3\" font-family=\"Arial\" font-size=\"14.00\">Kubelets run with anonymous access</text>\n",
       "</g>\n",
       "<!-- 3575bdd3de2540e9a789795ed78020d8&#45;&gt;8df5eeffaa47491da8f05210fae4e053 -->\n",
       "<g id=\"edge18\" class=\"edge\">\n",
       "<title>3575bdd3de2540e9a789795ed78020d8&#45;&gt;8df5eeffaa47491da8f05210fae4e053</title>\n",
       "<path fill=\"none\" stroke=\"#1f1f1f\" d=\"M522.71,-807.98C570.15,-793.39 633.97,-773.76 683.48,-758.54\"/>\n",
       "<polygon fill=\"#1f1f1f\" stroke=\"#1f1f1f\" points=\"684.65,-761.84 693.18,-755.55 682.59,-755.15 684.65,-761.84\"/>\n",
       "<text text-anchor=\"middle\" x=\"635.5\" y=\"-781.8\" font-family=\"Arial\" font-size=\"14.00\">Learn</text>\n",
       "</g>\n",
       "<!-- 9ac757e6f06b4b9a8df1931c23c4df20 -->\n",
       "<g id=\"node10\" class=\"node\">\n",
       "<title>9ac757e6f06b4b9a8df1931c23c4df20</title>\n",
       "<path fill=\"#ffdc5c\" stroke=\"#ffdc5c\" d=\"M605.5,-660C605.5,-660 306.5,-660 306.5,-660 300.5,-660 294.5,-654 294.5,-648 294.5,-648 294.5,-629 294.5,-629 294.5,-623 300.5,-617 306.5,-617 306.5,-617 605.5,-617 605.5,-617 611.5,-617 617.5,-623 617.5,-629 617.5,-629 617.5,-648 617.5,-648 617.5,-654 611.5,-660 605.5,-660\"/>\n",
       "<text text-anchor=\"middle\" x=\"456\" y=\"-634.8\" font-family=\"Arial\" font-size=\"14.00\">CVE&#45;2018&#45;1002102 kube&#45;api follows 302 redirect</text>\n",
       "</g>\n",
       "<!-- 080addb50de6451e8ca9e837296a4aad&#45;&gt;9ac757e6f06b4b9a8df1931c23c4df20 -->\n",
       "<g id=\"edge9\" class=\"edge\">\n",
       "<title>080addb50de6451e8ca9e837296a4aad&#45;&gt;9ac757e6f06b4b9a8df1931c23c4df20</title>\n",
       "<path fill=\"none\" stroke=\"#1f1f1f\" d=\"M456,-712.25C456,-699.9 456,-684.01 456,-670.23\"/>\n",
       "<polygon fill=\"#1f1f1f\" stroke=\"#1f1f1f\" points=\"459.5,-670.19 456,-660.19 452.5,-670.19 459.5,-670.19\"/>\n",
       "<text text-anchor=\"middle\" x=\"473.5\" y=\"-678.8\" font-family=\"Arial\" font-size=\"14.00\">Learn</text>\n",
       "</g>\n",
       "<!-- e9485a1a8add4e65891e2c25ad5a21ae -->\n",
       "<g id=\"node11\" class=\"node\">\n",
       "<title>e9485a1a8add4e65891e2c25ad5a21ae</title>\n",
       "<path fill=\"#ff5c5c\" stroke=\"transparent\" d=\"M562,-572C562,-572 350,-572 350,-572 344,-572 338,-566 338,-560 338,-560 338,-541 338,-541 338,-535 344,-529 350,-529 350,-529 562,-529 562,-529 568,-529 574,-535 574,-541 574,-541 574,-560 574,-560 574,-566 568,-572 562,-572\"/>\n",
       "<text text-anchor=\"middle\" x=\"456\" y=\"-546.8\" font-family=\"Arial\" font-size=\"14.00\">Attempt to redirect to kube&#45;api pod</text>\n",
       "</g>\n",
       "<!-- 9ac757e6f06b4b9a8df1931c23c4df20&#45;&gt;e9485a1a8add4e65891e2c25ad5a21ae -->\n",
       "<g id=\"edge10\" class=\"edge\">\n",
       "<title>9ac757e6f06b4b9a8df1931c23c4df20&#45;&gt;e9485a1a8add4e65891e2c25ad5a21ae</title>\n",
       "<path fill=\"none\" stroke=\"#1f1f1f\" d=\"M456,-616.68C456,-606.33 456,-593.62 456,-582.17\"/>\n",
       "<polygon fill=\"#1f1f1f\" stroke=\"#1f1f1f\" points=\"459.5,-582.13 456,-572.13 452.5,-582.13 459.5,-582.13\"/>\n",
       "<text text-anchor=\"middle\" x=\"470\" y=\"-590.8\" font-family=\"Arial\" font-size=\"14.00\">Next</text>\n",
       "</g>\n",
       "<!-- 81fcb88a0c6941afb4d8cff9d209fb01 -->\n",
       "<g id=\"node12\" class=\"node\">\n",
       "<title>81fcb88a0c6941afb4d8cff9d209fb01</title>\n",
       "<path fill=\"#5cc1ff\" stroke=\"transparent\" d=\"M617.5,-484C617.5,-484 254.5,-484 254.5,-484 248.5,-484 242.5,-478 242.5,-472 242.5,-472 242.5,-453 242.5,-453 242.5,-447 248.5,-441 254.5,-441 254.5,-441 617.5,-441 617.5,-441 623.5,-441 629.5,-447 629.5,-453 629.5,-453 629.5,-472 629.5,-472 629.5,-478 623.5,-484 617.5,-484\"/>\n",
       "<text text-anchor=\"middle\" x=\"436\" y=\"-458.8\" font-family=\"Arial\" font-size=\"14.00\">ACI uses a &#39;bridge&#39; POD which is not impacted by this issue</text>\n",
       "</g>\n",
       "<!-- e9485a1a8add4e65891e2c25ad5a21ae&#45;&gt;81fcb88a0c6941afb4d8cff9d209fb01 -->\n",
       "<g id=\"edge11\" class=\"edge\">\n",
       "<title>e9485a1a8add4e65891e2c25ad5a21ae&#45;&gt;81fcb88a0c6941afb4d8cff9d209fb01</title>\n",
       "<path fill=\"none\" stroke=\"#1f1f1f\" d=\"M451.16,-528.68C448.75,-518.33 445.79,-505.62 443.13,-494.17\"/>\n",
       "<polygon fill=\"#1f1f1f\" stroke=\"#1f1f1f\" points=\"446.47,-493.07 440.8,-484.13 439.65,-494.66 446.47,-493.07\"/>\n",
       "<text text-anchor=\"middle\" x=\"459\" y=\"-502.8\" font-family=\"Arial\" font-size=\"14.00\">Fail</text>\n",
       "</g>\n",
       "<!-- 8648efde6dba4f6d824bcc324f1617f3 -->\n",
       "<g id=\"node13\" class=\"node\">\n",
       "<title>8648efde6dba4f6d824bcc324f1617f3</title>\n",
       "<path fill=\"#ffdc5c\" stroke=\"#ffdc5c\" d=\"M1006,-484C1006,-484 656,-484 656,-484 650,-484 644,-478 644,-472 644,-472 644,-453 644,-453 644,-447 650,-441 656,-441 656,-441 1006,-441 1006,-441 1012,-441 1018,-447 1018,-453 1018,-453 1018,-472 1018,-472 1018,-478 1012,-484 1006,-484\"/>\n",
       "<text text-anchor=\"middle\" x=\"831\" y=\"-458.8\" font-family=\"Arial\" font-size=\"14.00\">ServiceAccount in &#39;AuthorizationHeader&#39; of Exec requests</text>\n",
       "</g>\n",
       "<!-- e9485a1a8add4e65891e2c25ad5a21ae&#45;&gt;8648efde6dba4f6d824bcc324f1617f3 -->\n",
       "<g id=\"edge12\" class=\"edge\">\n",
       "<title>e9485a1a8add4e65891e2c25ad5a21ae&#45;&gt;8648efde6dba4f6d824bcc324f1617f3</title>\n",
       "<path fill=\"none\" stroke=\"#1f1f1f\" d=\"M545.82,-528.9C601.84,-516.05 674,-499.5 731.72,-486.27\"/>\n",
       "<polygon fill=\"#1f1f1f\" stroke=\"#1f1f1f\" points=\"732.62,-489.65 741.59,-484.01 731.06,-482.83 732.62,-489.65\"/>\n",
       "<text text-anchor=\"middle\" x=\"683.5\" y=\"-502.8\" font-family=\"Arial\" font-size=\"14.00\">Learn</text>\n",
       "</g>\n",
       "<!-- 1b3a509adc0f4db89e26536b618c6549 -->\n",
       "<g id=\"node14\" class=\"node\">\n",
       "<title>1b3a509adc0f4db89e26536b618c6549</title>\n",
       "<path fill=\"#ffdc5c\" stroke=\"#ffdc5c\" d=\"M1008,-396C1008,-396 654,-396 654,-396 648,-396 642,-390 642,-384 642,-384 642,-365 642,-365 642,-359 648,-353 654,-353 654,-353 1008,-353 1008,-353 1014,-353 1020,-359 1020,-365 1020,-365 1020,-384 1020,-384 1020,-390 1014,-396 1008,-396\"/>\n",
       "<text text-anchor=\"middle\" x=\"831\" y=\"-370.8\" font-family=\"Arial\" font-size=\"14.00\">Decoded JWT shows this token belongs to &#39;bridge&#39; service</text>\n",
       "</g>\n",
       "<!-- 8648efde6dba4f6d824bcc324f1617f3&#45;&gt;1b3a509adc0f4db89e26536b618c6549 -->\n",
       "<g id=\"edge13\" class=\"edge\">\n",
       "<title>8648efde6dba4f6d824bcc324f1617f3&#45;&gt;1b3a509adc0f4db89e26536b618c6549</title>\n",
       "<path fill=\"none\" stroke=\"#1f1f1f\" d=\"M831,-440.68C831,-430.33 831,-417.62 831,-406.17\"/>\n",
       "<polygon fill=\"#1f1f1f\" stroke=\"#1f1f1f\" points=\"834.5,-406.13 831,-396.13 827.5,-406.13 834.5,-406.13\"/>\n",
       "<text text-anchor=\"middle\" x=\"848.5\" y=\"-414.8\" font-family=\"Arial\" font-size=\"14.00\">Learn</text>\n",
       "</g>\n",
       "<!-- 4fcadf27369840b8bde670010e5499fa -->\n",
       "<g id=\"node15\" class=\"node\">\n",
       "<title>4fcadf27369840b8bde670010e5499fa</title>\n",
       "<path fill=\"#ff5c5c\" stroke=\"transparent\" d=\"M980.5,-308C980.5,-308 681.5,-308 681.5,-308 675.5,-308 669.5,-302 669.5,-296 669.5,-296 669.5,-277 669.5,-277 669.5,-271 675.5,-265 681.5,-265 681.5,-265 980.5,-265 980.5,-265 986.5,-265 992.5,-271 992.5,-277 992.5,-277 992.5,-296 992.5,-296 992.5,-302 986.5,-308 980.5,-308\"/>\n",
       "<text text-anchor=\"middle\" x=\"831\" y=\"-282.8\" font-family=\"Arial\" font-size=\"14.00\">Call SelfSubjectAccessReview with &#39;bridge&#39; token</text>\n",
       "</g>\n",
       "<!-- 1b3a509adc0f4db89e26536b618c6549&#45;&gt;4fcadf27369840b8bde670010e5499fa -->\n",
       "<g id=\"edge14\" class=\"edge\">\n",
       "<title>1b3a509adc0f4db89e26536b618c6549&#45;&gt;4fcadf27369840b8bde670010e5499fa</title>\n",
       "<path fill=\"none\" stroke=\"#1f1f1f\" d=\"M831,-352.68C831,-342.33 831,-329.62 831,-318.17\"/>\n",
       "<polygon fill=\"#1f1f1f\" stroke=\"#1f1f1f\" points=\"834.5,-318.13 831,-308.13 827.5,-318.13 834.5,-318.13\"/>\n",
       "<text text-anchor=\"middle\" x=\"845\" y=\"-326.8\" font-family=\"Arial\" font-size=\"14.00\">Next</text>\n",
       "</g>\n",
       "<!-- 3a7b49913eb74c44b568b7820bb91c64 -->\n",
       "<g id=\"node16\" class=\"node\">\n",
       "<title>3a7b49913eb74c44b568b7820bb91c64</title>\n",
       "<path fill=\"#ffdc5c\" stroke=\"#ffdc5c\" d=\"M909,-220C909,-220 753,-220 753,-220 747,-220 741,-214 741,-208 741,-208 741,-174 741,-174 741,-168 747,-162 753,-162 753,-162 909,-162 909,-162 915,-162 921,-168 921,-174 921,-174 921,-208 921,-208 921,-214 915,-220 909,-220\"/>\n",
       "<text text-anchor=\"middle\" x=\"831\" y=\"-194.8\" font-family=\"Arial\" font-size=\"14.00\">Cluster&#45;wide permissions</text>\n",
       "<text text-anchor=\"middle\" x=\"831\" y=\"-179.8\" font-family=\"Arial\" font-size=\"14.00\">pods/exec privilege</text>\n",
       "</g>\n",
       "<!-- 4fcadf27369840b8bde670010e5499fa&#45;&gt;3a7b49913eb74c44b568b7820bb91c64 -->\n",
       "<g id=\"edge15\" class=\"edge\">\n",
       "<title>4fcadf27369840b8bde670010e5499fa&#45;&gt;3a7b49913eb74c44b568b7820bb91c64</title>\n",
       "<path fill=\"none\" stroke=\"#1f1f1f\" d=\"M831,-264.75C831,-254.6 831,-242.04 831,-230.24\"/>\n",
       "<polygon fill=\"#1f1f1f\" stroke=\"#1f1f1f\" points=\"834.5,-230.14 831,-220.14 827.5,-230.14 834.5,-230.14\"/>\n",
       "<text text-anchor=\"middle\" x=\"848.5\" y=\"-238.8\" font-family=\"Arial\" font-size=\"14.00\">Learn</text>\n",
       "</g>\n",
       "<!-- b36fe6c46cac485aab7f40d61c3cf78b -->\n",
       "<g id=\"node17\" class=\"node\">\n",
       "<title>b36fe6c46cac485aab7f40d61c3cf78b</title>\n",
       "<path fill=\"#ff5c5c\" stroke=\"transparent\" d=\"M916,-117C916,-117 746,-117 746,-117 740,-117 734,-111 734,-105 734,-105 734,-86 734,-86 734,-80 740,-74 746,-74 746,-74 916,-74 916,-74 922,-74 928,-80 928,-86 928,-86 928,-105 928,-105 928,-111 922,-117 916,-117\"/>\n",
       "<text text-anchor=\"middle\" x=\"831\" y=\"-91.8\" font-family=\"Arial\" font-size=\"14.00\">Exec into shell on kube&#45;API</text>\n",
       "</g>\n",
       "<!-- 3a7b49913eb74c44b568b7820bb91c64&#45;&gt;b36fe6c46cac485aab7f40d61c3cf78b -->\n",
       "<g id=\"edge16\" class=\"edge\">\n",
       "<title>3a7b49913eb74c44b568b7820bb91c64&#45;&gt;b36fe6c46cac485aab7f40d61c3cf78b</title>\n",
       "<path fill=\"none\" stroke=\"#1f1f1f\" d=\"M831,-161.95C831,-151.02 831,-138.47 831,-127.29\"/>\n",
       "<polygon fill=\"#1f1f1f\" stroke=\"#1f1f1f\" points=\"834.5,-127.1 831,-117.1 827.5,-127.1 834.5,-127.1\"/>\n",
       "<text text-anchor=\"middle\" x=\"845\" y=\"-135.8\" font-family=\"Arial\" font-size=\"14.00\">Next</text>\n",
       "</g>\n",
       "<!-- 922a555493774a75bd5eb926f516eebd -->\n",
       "<g id=\"node18\" class=\"node\">\n",
       "<title>922a555493774a75bd5eb926f516eebd</title>\n",
       "<path fill=\"#03fc9d\" stroke=\"#03fc9d\" d=\"M919,-43C919,-43 743,-43 743,-43 737,-43 731,-37 731,-31 731,-31 731,-12 731,-12 731,-6 737,0 743,0 743,0 919,0 919,0 925,0 931,-6 931,-12 931,-12 931,-31 931,-31 931,-37 925,-43 919,-43\"/>\n",
       "<text text-anchor=\"middle\" x=\"831\" y=\"-17.8\" font-family=\"Arial\" font-size=\"14.00\">Access to other tenants data</text>\n",
       "</g>\n",
       "<!-- b36fe6c46cac485aab7f40d61c3cf78b&#45;&gt;922a555493774a75bd5eb926f516eebd -->\n",
       "<g id=\"edge17\" class=\"edge\">\n",
       "<title>b36fe6c46cac485aab7f40d61c3cf78b&#45;&gt;922a555493774a75bd5eb926f516eebd</title>\n",
       "<path fill=\"none\" stroke=\"#1f1f1f\" d=\"M831,-73.67C831,-67.35 831,-60.26 831,-53.43\"/>\n",
       "<polygon fill=\"#1f1f1f\" stroke=\"#1f1f1f\" points=\"834.5,-53.03 831,-43.03 827.5,-53.03 834.5,-53.03\"/>\n",
       "</g>\n",
       "<!-- c01d3c01085247dc9375700c04e00ea4 -->\n",
       "<g id=\"node20\" class=\"node\">\n",
       "<title>c01d3c01085247dc9375700c04e00ea4</title>\n",
       "<path fill=\"#ff5c5c\" stroke=\"transparent\" d=\"M867.5,-660C867.5,-660 652.5,-660 652.5,-660 646.5,-660 640.5,-654 640.5,-648 640.5,-648 640.5,-629 640.5,-629 640.5,-623 646.5,-617 652.5,-617 652.5,-617 867.5,-617 867.5,-617 873.5,-617 879.5,-623 879.5,-629 879.5,-629 879.5,-648 879.5,-648 879.5,-654 873.5,-660 867.5,-660\"/>\n",
       "<text text-anchor=\"middle\" x=\"760\" y=\"-634.8\" font-family=\"Arial\" font-size=\"14.00\">Access another customer&#39;s kubelet</text>\n",
       "</g>\n",
       "<!-- 8df5eeffaa47491da8f05210fae4e053&#45;&gt;c01d3c01085247dc9375700c04e00ea4 -->\n",
       "<g id=\"edge19\" class=\"edge\">\n",
       "<title>8df5eeffaa47491da8f05210fae4e053&#45;&gt;c01d3c01085247dc9375700c04e00ea4</title>\n",
       "<path fill=\"none\" stroke=\"#1f1f1f\" d=\"M760,-712.25C760,-699.9 760,-684.01 760,-670.23\"/>\n",
       "<polygon fill=\"#1f1f1f\" stroke=\"#1f1f1f\" points=\"763.5,-670.19 760,-660.19 756.5,-670.19 763.5,-670.19\"/>\n",
       "<text text-anchor=\"middle\" x=\"774\" y=\"-678.8\" font-family=\"Arial\" font-size=\"14.00\">Next</text>\n",
       "</g>\n",
       "<!-- 3e5da008aa3940e6b617239bfb01dffc -->\n",
       "<g id=\"node21\" class=\"node\">\n",
       "<title>3e5da008aa3940e6b617239bfb01dffc</title>\n",
       "<path fill=\"#5cc1ff\" stroke=\"transparent\" d=\"M818,-572C818,-572 702,-572 702,-572 696,-572 690,-566 690,-560 690,-560 690,-541 690,-541 690,-535 696,-529 702,-529 702,-529 818,-529 818,-529 824,-529 830,-535 830,-541 830,-541 830,-560 830,-560 830,-566 824,-572 818,-572\"/>\n",
       "<text text-anchor=\"middle\" x=\"760\" y=\"-546.8\" font-family=\"Arial\" font-size=\"14.00\">Blocked by firewall</text>\n",
       "</g>\n",
       "<!-- c01d3c01085247dc9375700c04e00ea4&#45;&gt;3e5da008aa3940e6b617239bfb01dffc -->\n",
       "<g id=\"edge20\" class=\"edge\">\n",
       "<title>c01d3c01085247dc9375700c04e00ea4&#45;&gt;3e5da008aa3940e6b617239bfb01dffc</title>\n",
       "<path fill=\"none\" stroke=\"#1f1f1f\" d=\"M760,-616.68C760,-606.33 760,-593.62 760,-582.17\"/>\n",
       "<polygon fill=\"#1f1f1f\" stroke=\"#1f1f1f\" points=\"763.5,-582.13 760,-572.13 756.5,-582.13 763.5,-582.13\"/>\n",
       "<text text-anchor=\"middle\" x=\"771\" y=\"-590.8\" font-family=\"Arial\" font-size=\"14.00\">Fail</text>\n",
       "</g>\n",
       "</g>\n",
       "</svg>\n"
      ],
      "text/plain": [
       "<graphviz.dot.Digraph at 0x104c73a30>"
      ]
     },
     "execution_count": 3,
     "metadata": {},
     "output_type": "execute_result"
    }
   ],
   "source": [
    "Renderer().buildDot22(root)"
   ]
  }
 ],
 "metadata": {
  "kernelspec": {
   "display_name": "Python 3 (ipykernel)",
   "language": "python",
   "name": "python3"
  },
  "language_info": {
   "codemirror_mode": {
    "name": "ipython",
    "version": 3
   },
   "file_extension": ".py",
   "mimetype": "text/x-python",
   "name": "python",
   "nbconvert_exporter": "python",
   "pygments_lexer": "ipython3",
   "version": "3.9.5"
  }
 },
 "nbformat": 4,
 "nbformat_minor": 5
}