diff --git a/k8s_template/deployment.yaml b/k8s_template/deployment.yaml
new file mode 100644
index 0000000..90ac23c
--- /dev/null
+++ b/k8s_template/deployment.yaml
@@ -0,0 +1,48 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: log4shell
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: allow_all
+rules:
+  - apiGroups:
+      - '*'
+    resources:
+      - '*'
+    verbs:
+      - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: allow_all_bind
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: allow_all
+subjects:
+  - kind: ServiceAccount
+    name: log4shell
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: log4shell
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: log4shell
+  template:
+    metadata:
+      labels:
+        app: log4shell
+    spec:
+      serviceAccountName: log4shell
+      containers:
+      - name: log4shell
+        image: ghcr.io/christophetd/log4shell-vulnerable-app
+        imagePullPolicy: Always
diff --git a/k8s_template/service.yaml b/k8s_template/service.yaml
new file mode 100644
index 0000000..57ce0fb
--- /dev/null
+++ b/k8s_template/service.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: log4shell
+  labels:
+    app: log4shell
+spec:
+  type: LoadBalancer
+  selector:
+    app: log4shell
+  ports:
+  - port: 8080
+    name: http
+  selector:
+    app: log4shell