Description

Legacy Authorization, also known as Attribute-Based Access Control (ABAC) has been superseded by Role-Based Access Control (RBAC) and is not under active development. RBAC is the recommended way to manage permissions in Kubernetes. It was detected that {GcpGkeCluster} uses ABAC instead of RBAC.

• 

  Recommended Mitigation

  It is recommended to disable Legacy Authorization on {GcpGkeCluster}. For more info: <a href="https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control," target="_blank" rel="noopener noreferrer">https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control,</a> <a href="https://cloud.google.com/kubernetes-engine/docs/how-to/hardening-your-cluster#leave_abac_disabled_default_for_110" target="_blank" rel="noopener noreferrer">https://cloud.google.com/kubernetes-engine/docs/how-to/hardening-your-cluster#leave_abac_disabled_default_for_110</a>