It was found that the API server configuration admission control plugins parameter does not include 'AlwaysAdmit'. An admission controller is a code which being executed after the request authentication and authorization in order to validate it or change it. This admission controller allows all requests without filtering.
Recommended Mitigation
It is recommended to include the AlwaysAdmit plugin in the '--enable-admission-plugins' parameter.
Best practices
