10 Key Insights into Kubernetes v1.36’s Fine-Grained Kubelet Authorization

By ⚡ min read
<p>Kubernetes v1.36 marks a major milestone for cluster security with the graduation of fine-grained kubelet API authorization to General Availability (GA). This feature, long anticipated by administrators and security teams, replaces the overly broad <code>nodes/proxy</code> permission with precise, least-privilege access controls. Below are ten essential things you need to know about this upgrade.</p> <h2 id="item-1">1. The Feature Has Been in Development Since v1.32</h2> <p>Introduced as an opt-in alpha feature in Kubernetes v1.32 under the <code>KubeletFineGrainedAuthz</code> feature gate, this mechanism underwent rigorous testing. It progressed to beta (enabled by default) in v1.33, and now in v1.36 it reaches GA with the feature gate locked to enabled. This graduated approach ensures stability and widespread validation before becoming a standard part of the cluster.</p><figure style="margin:20px 0"><img src="https://picsum.photos/seed/1972407267/800/450" alt="10 Key Insights into Kubernetes v1.36’s Fine-Grained Kubelet Authorization" style="width:100%;height:auto;border-radius:8px" loading="lazy"><figcaption style="font-size:12px;color:#666;margin-top:5px"></figcaption></figure> <h2 id="item-2">2. It Solves the Long-Standing nodes/proxy Problem</h2> <p>Previously, the kubelet’s HTTPS API relied on a single <code>nodes/proxy</code> subresource for authorization. This meant that any component needing to read metrics, logs, or health status required the same permission that allows executing commands inside containers. Such coarse-grained control forced administrators to grant excessive privileges, violating the principle of least privilege and expanding the attack surface. The new feature addresses this by introducing multiple, fine-grained subresources.</p> <h2 id="item-3">3. The Old Model Created Unnecessary Risk</h2> <p>Granting <code>nodes/proxy</code> to monitoring agents, log collectors, or health checkers essentially handed over node-level superuser access. If any of these workloads were compromised, an attacker could run arbitrary commands in every container on the node. This problem was well-documented in the community (see GitHub issue #83465) and the driving force behind <a href="https://github.com/kubernetes/enhancements/tree/master/keps/sig-node/2862-kubelet-fine-grained-authorization">KEP-2862</a>.</p> <h2 id="item-4">4. Even Read-Only Permissions Could Be Abused via WebSocket</h2> <p>Security research in early 2026 revealed that the <code>nodes/proxy</code> GET permission—routinely considered read-only—could be exploited to execute commands in pods. The root cause lies in the WebSocket protocol (RFC 6455), which uses an HTTP GET handshake for initial connection. The kubelet maps this GET to the RBAC <code>get</code> verb without verifying that the subsequent write operation has <code>create</code> permission. Using tools like <code>websocat</code>, an attacker could directly reach the <code>/exec</code> endpoint on port 10250 and run arbitrary commands.</p> <h2 id="item-5">5. Fine-Grained Authorization Introduces Multiple Subresources</h2> <p>The new model replaces the single <code>nodes/proxy</code> with distinct subresources for different kubelet APIs. For example, there are subresources for <code>metrics</code>, <code>logs</code>, <code>runningpods</code>, <code>exec</code>, <code>attach</code>, and more. Each can be authorized individually, allowing administrators to grant exactly the permissions needed—no more, no less.</p> <h2 id="item-6">6. Key Benefits for Monitoring and Observability</h2> <p>Monitoring and observability tools (e.g., Prometheus, Fluentd) now require only the <code>get</code> verb on the specific subresource for metrics or logs, rather than blanket <code>nodes/proxy</code>. This aligns with least-privilege principles, reduces the blast radius of potential attacks, and simplifies auditing. Operators can grant read-only access to node-level data without inadvertently allowing container execution.</p> <h2 id="item-7">7. How to Migrate Existing RBAC Roles</h2> <p>Cluster administrators should update RBAC roles and bindings to use the new subresources. For instance, replace a <code>nodes/proxy</code> binding for a monitoring agent with a Role or ClusterRole that includes <code>get</code> on <code>nodes/&#60;node-name&#62;/proxy/metrics</code>. The Kubernetes documentation provides migration guides, and the feature gate being locked to enabled means all clusters v1.36+ are ready. It’s recommended to test in a non-production environment first.</p> <h2 id="item-8">8. Comparison with the Previous Authorization Model</h2> <p>Under the old model, a single RBAC rule allowed or denied all kubelet API paths. The new model introduces granular subresources (e.g., <code>nodes/metrics</code>, <code>nodes/logs</code>, <code>nodes/exec</code>) with independent verbs. This mirrors the approach used for the Kubernetes API server and provides a consistent security model across the control plane and nodes. The change is backward compatible for existing permissions, but deprecated usage of <code>nodes/proxy</code> will eventually be removed.</p> <h2 id="item-9">9. Community and SIG Involvement</h2> <p>This enhancement was a collaborative effort between SIG Auth and SIG Node, reflecting the importance of cross-team work in Kubernetes security. The proposal went through multiple reviews and community feedback cycles (see the original Kubernetes Enhancement Proposal). The graduation to GA signifies strong consensus and readiness for production use.</p> <h2 id="item-10">10. Future Directions: What Comes After GA?</h2> <p>With the feature now GA, the community will focus on deprecating the old <code>nodes/proxy</code> subresource. Future releases may refine the list of subresources and potentially add more fine-grained controls for new kubelet endpoints. Administrators are encouraged to start migrating now and to monitor Kubernetes changelogs for any breaking changes. This feature lays the groundwork for even more granular security controls in Kubernetes.</p> <p>In summary, the graduation of fine-grained kubelet authorization to GA in v1.36 is a huge step forward for cluster security. By eliminating the need for the dangerously broad <code>nodes/proxy</code> permission, Kubernetes now empowers operators to enforce least-privilege access for all node-level operations. Migrating to the new model not only reduces risk but also aligns with best practices for secure, multi-tenant environments. Take advantage of this feature today to harden your clusters.</p>