Merge pull request #38709 from luxas/fix_auth_kubeadm
Automatic merge from submit-queue
Set --anonymous-auth to false on v1.5 clusters to preserve the locked-down v1.4 behaviour
From discussions with sig-auth-people.
Without this patch, anyone can do basically anything, because the apiserver in v1.5 mode is unprotected due to that kubeadm doesn't have any ABAC/RBAC-authorizers.
@mikedanese @justinsb @deads2k @kubernetes/sig-cluster-lifecycle
Showing
Please
register
or
sign in
to comment