7 Crucial Insights Into Kubernetes v1.36's Fine-Grained Kubelet Authorization GA
Kubernetes v1.36 GA: fine-grained kubelet authorization replaces nodes/proxy, closes WebSocket RCE, and enforces least-privilege access. 7 key insights.
Welcome to a new era of Kubernetes security! With the release of v1.36, the fine-grained kubelet API authorization feature has officially graduated to General Availability (GA). This milestone, championed by SIG Auth and SIG Node, marks a fundamental shift in how we control access to kubelet endpoints. Instead of relying on the dangerously broad nodes/proxy permission, administrators can now define precise, least-privilege rules for monitoring, logging, and debugging tasks. In this article, we break down the seven most important things you need to know about this update—from its origins in the community to its practical implications for your clusters. Use the links below to jump to any section.
- 1. The Feature’s Journey to GA
- 2. The Problem with Coarse-Grained Authorization
- 3. The Hidden RCE Risk in WebSocket Connections
- 4. How Fine-Grained Authorization Works
- 5. Benefits for Least-Privilege Security
- 6. Migration and Compatibility Considerations
- 7. Community Impact and What Comes Next
1. The Feature’s Journey to GA
First introduced as an alpha feature (opt-in) in Kubernetes v1.32, the KubeletFineGrainedAuthz feature gate evolved through beta in v1.33 (enabled by default) and now reaches GA in v1.36. With this graduation, the feature gate is locked to enabled, meaning all clusters using v1.36 automatically benefit from tighter kubelet access controls. This progression reflects extensive testing and community feedback, ensuring the new authorization model is both stable and performant. The GA status signals that this is no longer experimental—it’s a recommended security practice for every cluster operator.
2. The Problem with Coarse-Grained Authorization
Previously, webhook authorization mapped almost all kubelet API paths—from pod listings to container exec—to a single nodes/proxy subresource. Granting this permission to monitoring agents or log collectors meant they also received the ability to execute arbitrary commands inside any container on the node. This violates the principle of least privilege, and if such agents are compromised, an attacker gains node-level superuser access. The community long recognized this as a critical security gap (see kubernetes/kubernetes#83465), which drove the creation of KEP-2862.
3. The Hidden RCE Risk in WebSocket Connections
Security researchers demonstrated in early 2026 that even the read-only nodes/proxy GET permission—routinely granted to monitoring tools—can be abused to achieve remote code execution. The root cause lies in how WebSocket connections are handled: the initial handshake uses an HTTP GET, which maps to the RBAC get verb. The kubelet authorizes this GET without verifying that the caller also has create permission for the subsequent write operation (e.g., /exec). Using tools like websocat, an attacker with a valid token can reach the kubelet’s /exec endpoint on port 10250 and run commands in any pod. This attack vector is entirely neutralized by fine-grained authorization.
4. How Fine-Grained Authorization Works
Instead of the monolithic nodes/proxy, the GA feature introduces distinct subresources for each kubelet API: nodes/log, nodes/metrics, nodes/exec, nodes/runningpods, and more. RBAC rules can now grant permissions to exactly the endpoints a workload requires—e.g., a monitoring agent needs only get on nodes/metrics and nodes/runningpods, not nodes/proxy. The kubelet performs authorization using the same webhook or ABAC mechanisms, but with the new subresource paths. This granularity eliminates the need for broad proxy permissions and dramatically reduces the blast radius of a compromised component.
5. Benefits for Least-Privilege Security
Adopting fine-grained authorization directly enforces least-privilege principles. Monitoring agents, log collectors, and health-check tools can be scoped to exactly the data they need—metrics, logs, or pod status—without exposing container execution capabilities. This reduces the risk of lateral movement in case of a breach. Additionally, it simplifies audit and compliance efforts: administrators can now reason about exactly which identities can read logs versus execute commands. The change also aligns with zero-trust architectures, where every request must be explicitly authorized with minimal rights.
6. Migration and Compatibility Considerations
For existing clusters upgrading to v1.36, the transition is largely seamless because the feature gate is locked enabled. However, any custom RBAC policies or webhooks that relied on nodes/proxy will need updating. The Kubernetes project provides migration guidance: replace nodes/proxy rules with specific subresource rules (e.g., nodes/metrics, nodes/log). Tools and agents that use the kubelet API should be updated to request the new, more specific permissions. Until all components are migrated, administrators can temporarily maintain backward compatibility by keeping the broad permission alongside fine-grained rules, but this is discouraged due to security implications. Thorough testing before production rollout is advised.
7. Community Impact and What Comes Next
This GA release is a direct response to long-standing community security concerns. It closes a dangerous attack vector (the WebSocket RCE) and sets a precedent for more granular authorization within Kubernetes. The change also encourages ecosystem tooling—such as Prometheus, Fluentd, and custom monitoring solutions—to adopt the new subresources, making clusters more secure by default. Future efforts may extend similar fine-grained patterns to other API surfaces, like the kube-apiserver proxy. For now, operators are strongly advised to review their kubelet authorization policies and adopt the new model as part of their standard security hardening.
Conclusion: Kubernetes v1.36’s GA of fine-grained kubelet authorization is a game-changer for cluster security. It eliminates the need for the overly permissive nodes/proxy role and closes a critical WebSocket-based RCE vector. By following the principles outlined in this article—especially migrating to specific subresource permissions—you can significantly reduce your attack surface. Stay secure, stay updated, and embrace least-privilege access control in your Kubernetes environments.