Use RBAC permissions rather than ABAC
| Severity | Exploitability | Providers | Categories |
|---|---|---|---|
| HIGH | MEDIUM | Google Cloud Provider | PERMISSION |
Description
The Attribute-Based Access Control (ABAC) in GKE is not recommended. Use Role-Based Access Control (RBAC) instead.
Impact
| Potential data exposure | Visible in logs | User interaction required | Privileges required |
|---|---|---|---|
| True | False | False | False |
ABAC is considered a legacy authorization method, using it may lead to unwanted behaviors such as unauthorized resource access.
Remediation guidelines
Disable ABAC, Attribute-Based Access Control, and instead use RBAC, Role-Based Access Control.
References
Was this page helpful?
