Security · Flashcard

Why is leaving the API server's --authorization-mode=AlwaysAllow dangerous?

  • AIt approves every authorization request, effectively disabling authorization and least privilege
  • BIt forces every incoming request to fall back to anonymous authentication on the secure port
  • CIt disables TLS on the API server, so all authorization traffic is sent unencrypted over 6443
  • DIt deletes all existing RBAC Roles and RoleBindings the next time the API server is restarted

Why this is the answer

AlwaysAllow is the opposite of RBAC — any authenticated caller can do anything, making least privilege impossible. It does not force anonymous authentication, does not disable TLS, and does not delete RBAC objects.

Official docs
Study in Gnoseed →