
10 Key Insights into Kubernetes v1.36’s Fine-Grained Kubelet Authorization

Last updated: 2026-05-02 07:01:16 · Cloud Computing

Kubernetes v1.36 marks a major milestone for cluster security with the graduation of fine-grained kubelet API authorization to General Availability (GA). This feature, long anticipated by administrators and security teams, replaces the overly broad nodes/proxy permission with precise, least-privilege access controls. Below are ten essential things you need to know about this upgrade.

1. The Feature Has Been in Development Since v1.32

Introduced as an opt-in alpha feature in Kubernetes v1.32 under the KubeletFineGrainedAuthz feature gate, this mechanism underwent rigorous testing. It progressed to beta (enabled by default) in v1.33, and now in v1.36 it reaches GA with the feature gate locked to enabled. This graduated approach ensures stability and widespread validation before becoming a standard part of the cluster.

2. It Solves the Long-Standing nodes/proxy Problem

Previously, the kubelet’s HTTPS API relied on a single nodes/proxy subresource for authorization. This meant that any component needing to read metrics, logs, or health status required the same permission that allows executing commands inside containers. Such coarse-grained control forced administrators to grant excessive privileges, violating the principle of least privilege and expanding the attack surface. The new feature addresses this by introducing multiple, fine-grained subresources.

3. The Old Model Created Unnecessary Risk

Granting nodes/proxy to monitoring agents, log collectors, or health checkers essentially handed over node-level superuser access. If any of these workloads were compromised, an attacker could run arbitrary commands in every container on the node. This problem was well-documented in the community (see GitHub issue #83465) and was the driving force behind KEP-2862.

4. Even Read-Only Permissions Could Be Abused via WebSocket

Security research in early 2026 revealed that the nodes/proxy GET permission, routinely considered read-only, could be exploited to execute commands in pods. The root cause lies in the WebSocket protocol (RFC 6455), which uses an HTTP GET handshake for the initial connection. The kubelet maps this GET to the RBAC get verb without verifying that the subsequent write operation has create permission. Using tools like websocat, an attacker could directly reach the /exec endpoint on port 10250 and run arbitrary commands.

5. Fine-Grained Authorization Introduces Multiple Subresources

The new model replaces the single nodes/proxy with distinct subresources for different kubelet APIs. For example, there are subresources for metrics, logs, runningpods, exec, attach, and more. Each can be authorized individually, allowing administrators to grant exactly the permissions needed—no more, no less.

6. Key Benefits for Monitoring and Observability

Monitoring and observability tools (e.g., Prometheus, Fluentd) now require only the get verb on the specific subresource for metrics or logs, rather than blanket nodes/proxy. This aligns with least-privilege principles, reduces the blast radius of potential attacks, and simplifies auditing. Operators can grant read-only access to node-level data without inadvertently allowing container execution.

7. How to Migrate Existing RBAC Roles

Cluster administrators should update RBAC roles and bindings to use the new subresources. For instance, replace a nodes/proxy binding for a monitoring agent with a Role or ClusterRole that includes get on nodes/<node-name>/proxy/metrics. The Kubernetes documentation provides migration guides, and the feature gate being locked to enabled means all clusters v1.36+ are ready. It’s recommended to test in a non-production environment first.
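A practical first step in that migration is finding every existing role that still reaches nodes/proxy, including through wildcards. The script below is an added example, not code from the Kubernetes project or the original article; the function names and the sample roles are constructed for illustration, and the input is assumed to have the shape of `kubectl get clusterroles -o json` output.

```python
import json

# Constructed sample, shaped like `kubectl get clusterroles -o json` output.
SAMPLE = json.loads("""
{"items": [
  {"metadata": {"name": "legacy-monitoring"},
   "rules": [{"apiGroups": [""], "resources": ["nodes/proxy"], "verbs": ["get"]}]},
  {"metadata": {"name": "wildcard-ops"},
   "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["get", "list"]}]},
  {"metadata": {"name": "any-proxy"},
   "rules": [{"apiGroups": [""], "resources": ["*/proxy"], "verbs": ["create"]}]},
  {"metadata": {"name": "scoped-monitoring"},
   "rules": [{"apiGroups": [""], "resources": ["nodes/metrics"], "verbs": ["get"]}]},
  {"metadata": {"name": "apps-reader"},
   "rules": [{"apiGroups": ["apps"], "resources": ["*"], "verbs": ["get"]}]},
  {"metadata": {"name": "aggregated"}, "rules": null}
]}
""")

def grants_nodes_proxy(rule):
    """True if an RBAC rule covers the core-group resource nodes/proxy."""
    groups = rule.get("apiGroups", [])
    resources = rule.get("resources", [])
    in_core = "" in groups or "*" in groups
    # RBAC matches a subresource by exact name, "*", or "*/<subresource>".
    hits = any(r in ("*", "nodes/proxy", "*/proxy") for r in resources)
    return in_core and hits

def audit(role_list):
    """Return (role name, verbs, severity) for every rule reaching nodes/proxy."""
    findings = []
    for role in role_list.get("items", []):
        for rule in role.get("rules") or []:  # aggregated roles may have null rules
            if not grants_nodes_proxy(rule):
                continue
            verbs = sorted(rule.get("verbs", []))
            # Per section 4, get alone can reach exec over WebSocket,
            # so get is treated the same as create or "*".
            risky = {"*", "get", "create"} & set(verbs)
            severity = "exec-capable" if risky else "review"
            findings.append((role["metadata"]["name"], verbs, severity))
    return findings

if __name__ == "__main__":
    for name, verbs, severity in audit(SAMPLE):
        print(f"{name}: verbs={verbs} -> {severity}")
```

Roles that appear in the output are migration candidates; the `scoped-monitoring` sample, which grants only get on nodes/metrics, is not flagged.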

8. Comparison with the Previous Authorization Model

Under the old model, a single RBAC rule allowed or denied all kubelet API paths. The new model introduces granular subresources (e.g., nodes/metrics, nodes/logs, nodes/exec) with independent verbs. This mirrors the approach used for the Kubernetes API server and provides a consistent security model across the control plane and nodes. The change is backward compatible for existing permissions, but deprecated usage of nodes/proxy will eventually be removed.

9. Community and SIG Involvement

This enhancement was a collaborative effort between SIG Auth and SIG Node, reflecting the importance of cross-team work in Kubernetes security. The proposal went through multiple reviews and community feedback cycles (see the original Kubernetes Enhancement Proposal). The graduation to GA signifies strong consensus and readiness for production use.

10. Future Directions: What Comes After GA?

With the feature now GA, the community will focus on deprecating the old nodes/proxy subresource. Future releases may refine the list of subresources and potentially add more fine-grained controls for new kubelet endpoints. Administrators are encouraged to start migrating now and to monitor Kubernetes changelogs for any breaking changes. This feature lays the groundwork for even more granular security controls in Kubernetes.

In summary, the graduation of fine-grained kubelet authorization to GA in v1.36 is a huge step forward for cluster security. By eliminating the need for the dangerously broad nodes/proxy permission, Kubernetes now empowers operators to enforce least-privilege access for all node-level operations. Migrating to the new model not only reduces risk but also aligns with best practices for secure, multi-tenant environments. Take advantage of this feature today to harden your clusters.