github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/avd_docs/google/gke/AVD-GCP-0062/docs.md

github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/avd_docs/google/gke/AVD-GCP-0062/docs.md (about)

     1  
     2  You should disable Attribute-Based Access Control (ABAC), and instead use Role-Based Access Control (RBAC) in GKE.
     3  
     4  RBAC has significant security advantages and is now stable in Kubernetes, so it’s time to disable ABAC.
     5  
     6  ### Impact
     7  ABAC permissions are less secure than RBAC permissions
     8  
     9  <!-- DO NOT CHANGE -->
    10  {{ remediationActions }}
    11  
    12  ### Links
    13  - https://cloud.google.com/kubernetes-engine/docs/how-to/hardening-your-cluster#leave_abac_disabled_default_for_110
    14  
    15