It was found that the API server configuration admission control plugins parameter does not include 'NodeRestriction'. An admission controller is a code which being executed after the request authentication and authorization in order to validate it or change it. This admission controller limits the node and pos objects a kubelet can modify.
Recommended Mitigation
It is recommended to include the NodeRestriction plugin in the '--enable-admission-plugins' parameter.
Best practices
