| Plugin Title | Legacy Authorization Disabled |
| Cloud | |
| Category | Kubernetes |
| Description | Ensure legacy authorization is set to disabled on Kubernetes clusters |
| More Info | The legacy authorizer in Kubernetes grants broad, statically defined permissions. |
| GOOGLE Link | https://cloud.google.com/kubernetes-engine/docs/how-to/hardening-your-cluster |
| Recommended Action | Disable legacy authorization on all clusters. |
- Log into the Google Cloud Platform Console.
- Scroll down the left navigation panel and choose the "Kubernetes Engine" option under the "Compute" and select the "Clusters."
- On the "Kubernetes clusters" page , click on the "Name" as a link option to select the cluster.
- On the "Clusters" page, click on the "Edit" button at the top.
- Scroll down the "Clusters - Edit" page and check whether "Legacy Authorisation" is enabled or disabled. If it's set to enabled then it's not as per the best recommended method.
- Repeat steps number 2 - 5 to verify other "Clusters" in the account.
- Navigate to the "Kubernetes Engine" option under the "Compute", choose the "Clusters" and click on the "Edit" button at the top.
- On the "Clusters - Edit" page, scroll down and choose the "Disabled" option from the dropdown menu next to "Legacy Authorisation."
- Click on the "Save" button to make the changes.
- Repeat steps number 7 - 9 to disable legacy authorization on all clusters.
