Kubernetes v1.36 Delivers Fine-Grained Kubelet API Authorization at General Availability

<h2>Introduction</h2> <p>The Kubernetes community has reached a significant security milestone with the graduation of fine-grained kubelet API authorization to General Availability (GA) in version 1.36. This feature, introduced as an alpha opt-in in v1.32 and promoted to beta (enabled by default) in v1.33, is now locked in as a stable capability. It replaces the overly permissive <code>nodes/proxy</code> permission with precise, least-privilege access controls for the kubelet’s HTTPS API, addressing a long-standing security concern in cluster monitoring and observability workflows.</p> <h2 id="coarse-grained">The Problem with Coarse-Grained Authorization</h2> <p>The kubelet exposes an HTTPS endpoint that provides access to data of varying sensitivity: pod listings, node metrics, container logs, and the ability to execute commands inside running containers. Historically, when webhook authorization was enabled, nearly all kubelet API paths were mapped to a single <code>nodes/proxy</code> subresource. This meant that any workload needing to read metrics or health status required the same permission that grants arbitrary command execution in any container on the node.</p> <h3>The Principle of Least Privilege Violation</h3> <p>Granting <code>nodes/proxy</code> to monitoring agents, log collectors, or health checkers violates the principle of least privilege. If any of those workloads is compromised, the attacker gains node-level superuser capabilities—effectively the ability to run commands in every container on the node. 
This dramatically increases the blast radius of any security incident.</p> <h3 id="websocket-risk">The WebSocket RCE Risk</h3> <p>The situation is even more severe than it appears. Security researchers demonstrated in early 2026 that even the <code>nodes/proxy GET</code> permission—routinely granted as a minimal read-only permission to monitoring tools—can be exploited to execute commands in any pod on reachable nodes. The root cause lies in a mismatch between the WebSocket protocol and the kubelet’s RBAC verb mapping. WebSocket requires an HTTP GET for the initial handshake, and the kubelet maps this GET to the <code>get</code> verb without a secondary check to confirm <code>create</code> permission for the subsequent write operation. Using a tool like <code>websocat</code>, an attacker can directly reach the kubelet’s <code>/exec</code> endpoint on port 10250 and execute arbitrary commands with a single command:</p> <pre><code>websocat --insecure --header "Authorization: Bearer $TOKEN" --protocol v4.channel.k8s.io "wss://$NODE_IP:10250/exec/default/nginx/nginx?ou"</code></pre> <h2>How Fine-Grained Authorization Works</h2> <p>The new feature, based on KEP-2862, introduces a much more granular authorization model. Instead of mapping all kubelet API paths to <code>nodes/proxy</code>, it allows administrators to define specific permissions for individual endpoints. For example, a monitoring agent can be granted read-only access to <code>/metrics</code> and <code>/stats</code> without needing access to <code>/exec</code> or <code>/run</code>. This is achieved through refined RBAC rules that differentiate between read and write operations, closing the previously exploitable gap.</p> <h2>Benefits and Next Steps</h2> <p>With this GA release, clusters running Kubernetes v1.36 automatically benefit from the enhanced security model. 
Administrators should review their existing RBAC configurations and replace any broad <code>nodes/proxy</code> grants with targeted permissions such as <code>nodes/stats</code>, <code>nodes/log</code>, or <code>nodes/metrics</code>. The <a href="https://kubernetes.io/docs/reference/access-authn-authz/kubelet-auth/">official documentation</a> provides guidance on migrating to the new model. This change not only reduces risk but also simplifies audit logs and improves compliance with security best practices.</p> <h2>Conclusion</h2> <p>The graduation of fine-grained kubelet API authorization marks a major step forward for Kubernetes security. By eliminating the need for coarse <code>nodes/proxy</code> permissions and addressing the WebSocket RCE vulnerability, the feature empowers cluster operators to enforce least-privilege access without sacrificing functionality. All users are encouraged to upgrade to v1.36 and adopt the new authorization model.</p>
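<p>For the RBAC review recommended under Benefits and Next Steps, the following Python script is an added example, not code from the Kubernetes project or the original article. It reads ClusterRoles in the shape of <code>kubectl get clusterroles -o json</code> and flags every rule that reaches <code>nodes/proxy</code>, including through the <code>*</code> and <code>*/proxy</code> wildcards; the role names and sample data are constructed.</p>

```python
import json

def matches_nodes_proxy(rule):
    """Return the resource entry through which this rule covers nodes/proxy, else None."""
    groups = rule.get("apiGroups", [])
    if "" not in groups and "*" not in groups:  # nodes are in the core ("") API group
        return None
    for res in rule.get("resources", []):
        # RBAC matches "*", the exact "resource/subresource", or "*/subresource"
        if res in ("*", "nodes/proxy", "*/proxy"):
            return res
    return None

def audit_cluster_roles(doc):
    """List every ClusterRole rule that grants nodes/proxy, whatever the verb."""
    findings = []
    for role in doc.get("items", []):
        for rule in role.get("rules") or []:
            matched = matches_nodes_proxy(rule)
            verbs = set(rule.get("verbs", []))
            if matched and verbs:
                findings.append({
                    "role": role["metadata"]["name"],
                    "matched": matched,
                    "verbs": sorted(verbs),
                    # read-verb-only grants are flagged too: the article explains
                    # why GET on nodes/proxy is not actually read-only
                    "looks_read_only": verbs <= {"get", "list", "watch"},
                })
    return findings

# Constructed sample in the shape of `kubectl get clusterroles -o json`
SAMPLE = json.loads("""
{"items": [
 {"metadata": {"name": "legacy-monitoring"},
  "rules": [{"apiGroups": [""], "resources": ["nodes/proxy"], "verbs": ["get"]}]},
 {"metadata": {"name": "scoped-monitoring"},
  "rules": [{"apiGroups": [""], "resources": ["nodes/metrics", "nodes/stats"], "verbs": ["get"]}]},
 {"metadata": {"name": "apps-admin"},
  "rules": [{"apiGroups": ["apps"], "resources": ["*"], "verbs": ["*"]}]},
 {"metadata": {"name": "ops-wildcard"},
  "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]}
]}
""")

if __name__ == "__main__":
    for f in audit_cluster_roles(SAMPLE):
        note = "read verbs only, still a nodes/proxy grant" if f["looks_read_only"] else "broad grant"
        print(f'{f["role"]}: {f["matched"]} verbs={f["verbs"]} ({note})')
```

<p>Bindings are not resolved here; check which subjects are bound to each flagged role before replacing the grant with <code>nodes/stats</code>, <code>nodes/log</code>, or <code>nodes/metrics</code>.</p>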