Vendor services misconfigurations

GKE using Legacy Authorization (ABAC)

Compliance Frameworks


Legacy Authorization, also known as Attribute-Based Access Control (ABAC) has been superseded by Role-Based Access Control (RBAC) and is not under active development. RBAC is the recommended way to manage permissions in Kubernetes. It was detected that {GcpGkeCluster} uses ABAC instead of RBAC.