Use RBAC permissions rather than ABAC
Severity | Exploitability | Providers | Categories |
---|---|---|---|
HIGH | MEDIUM | Google Cloud Provider | PERMISSION |
Description
The Attribute-Based Access Control (ABAC) in GKE is not recommended. Use Role-Based Access Control (RBAC) instead.
Impact
Potential data exposure | Visible in logs | User interaction required | Privileges required |
---|---|---|---|
True | False | False | False |
ABAC is considered a legacy authorization method, using it may lead to unwanted behaviors such as unauthorized resource access.
Remediation guidelines
Disable ABAC, Attribute-Based Access Control, and instead use RBAC, Role-Based Access Control.