GKE Legacy Authorization Enabled
- Query id: df58d46c-783b-43e0-bdd0-d99164f712ee
- Query name: GKE Legacy Authorization Enabled
- Platform: GoogleDeploymentManager
- Severity: High
- Category: Insecure Configurations
- URL: Github
Description
Kubernetes Engine Clusters must have Legacy Authorization set to disabled, which means the attribute 'legacyAbac.enabled' must be false.
Documentation
Code samples
Code samples with security vulnerabilities
Positive test num. 1 - yaml file
resources:
  - name: cluster
    type: container.v1.cluster
    properties:
      description: my-cluster
      legacyAbac:
        enabled: true
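One way to express this rule as a check over an already-parsed Deployment Manager config, shown on the sample above and on a corrected copy with `enabled: false`. This is an added example, not the query's own code. The function name `find_legacy_abac`, the constructed inputs, and the choice to skip clusters that leave `legacyAbac` unset are assumptions.

```python
# Added example: flag GKE clusters with legacy ABAC in a parsed DM config.
CLUSTER_TYPE = "container.v1.cluster"  # resource type from the page's sample


def find_legacy_abac(config):
    """Return (resource name, reason) for each cluster breaking the rule.

    `config` is the Deployment Manager YAML after parsing: a dict with a
    top-level `resources` list.
    """
    findings = []
    for res in (config or {}).get("resources") or []:
        if not isinstance(res, dict) or res.get("type") != CLUSTER_TYPE:
            continue
        abac = (res.get("properties") or {}).get("legacyAbac")
        if not isinstance(abac, dict) or "enabled" not in abac:
            continue  # assumption: an unset attribute is not reported
        value = abac["enabled"]
        if value is not False:  # anything but boolean false is reported
            reason = "legacyAbac.enabled is %r, expected false" % (value,)
            findings.append((res.get("name", "<unnamed>"), reason))
    return findings


# Constructed inputs: the page's sample and a corrected copy, as parsed dicts.
VULNERABLE = {"resources": [{
    "name": "cluster",
    "type": CLUSTER_TYPE,
    "properties": {"description": "my-cluster",
                   "legacyAbac": {"enabled": True}},
}]}
FIXED = {"resources": [{
    "name": "cluster",
    "type": CLUSTER_TYPE,
    "properties": {"description": "my-cluster",
                   "legacyAbac": {"enabled": False}},
}]}

if __name__ == "__main__":
    for label, cfg in (("vulnerable", VULNERABLE), ("fixed", FIXED)):
        print(label, find_legacy_abac(cfg))
```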