Kubernetes v1.36: Smarter Kubelet API Security with Granular Authorization Now Stable

Published: 2026-05-01 20:12:35 | Category: Cloud Computing

Welcome! In Kubernetes v1.36, a significant security enhancement reaches general availability: fine-grained kubelet API authorization. This feature, driven by SIG Auth and SIG Node, replaces the coarse 'nodes/proxy' permission with precise controls for monitoring, logging, and health checks, drastically reducing attack surfaces. Let's explore what changed and why it matters.

What is the fine-grained kubelet API authorization feature in Kubernetes v1.36?

This feature, tracked by KEP-2862 and enabled by the now-locked KubeletFineGrainedAuthz feature gate, replaces the overly broad nodes/proxy permission with specific RBAC rules for individual kubelet API endpoints. Instead of granting blanket access to all kubelet operations, administrators can now define policies that allow only the exact actions needed—for example, reading pod metrics without permitting command execution. It graduated from alpha in v1.32 to beta in v1.33, and is now stable and enabled by default.

Why was this feature needed? The 'nodes/proxy' problem

The kubelet exposes an HTTPS API with endpoints for pods, metrics, logs, and—critically—exec into containers. Previously, when webhook authorization was used, nearly all these paths mapped to a single nodes/proxy subresource. This meant any workload needing kubelet data—like a monitoring agent—required the same permission that allows arbitrary command execution in any container on the node. The principle of least privilege was violated: a small monitoring tool could be a gateway for catastrophic attacks if compromised.

What was wrong with the old nodes/proxy permission?

Granting nodes/proxy to any workload is effectively giving node-level superuser access. If a monitoring agent, log collector, or health checker is breached, attackers gain the ability to run commands in every container on that node. This dramatically increases blast radius and has been a known issue in the Kubernetes community for years (see kubernetes/kubernetes#83465). The problem was especially acute in multi-tenant clusters or shared infrastructure.

What is the WebSocket RCE risk with nodes/proxy GET?

Security researchers demonstrated in early 2026 that even read-only nodes/proxy GET access can be abused for remote code execution. The root cause: WebSocket connections (RFC 6455) initiate with an HTTP GET handshake, which the kubelet maps to the RBAC get verb. However, after the GET handshake, the connection can be used for write operations (e.g., exec). Without a secondary check for create permission, an attacker with only GET access to nodes/proxy can connect to /exec on port 10250 and run arbitrary commands using tools like websocat. The new feature prevents this by requiring explicit permissions for exec endpoints separate from read-only endpoints.

How does the new feature improve access control?

Fine-grained authorization maps each kubelet API path to its own RBAC resource and verb. For example, reading pod metrics now requires get on nodes/metrics, while executing commands requires create on nodes/exec. This allows least-privilege policies: a monitoring tool can be granted only get nodes/metrics and get nodes/stats, without any exec or log permissions. The feature also corrects the WebSocket vulnerability by ensuring that exec endpoints require explicit create permission, not just get.

How does this feature work technically under the hood?

When the kubelet receives an API request, it now inspects the exact path (e.g., /metrics, /exec, /log, /pods) and maps it to a specific RBAC resource and verb. For instance, /exec requires create on nodes/exec, while /stats/summary requires get on nodes/stats. The feature uses the same webhook or ABAC authorization modes as before, but the SubjectAccessReview objects it sends carry the more specific resource and verb. It is fully backward compatible: existing nodes/proxy permissions continue to work, but administrators can now define more precise alternatives. The feature gate is locked to enabled in v1.36, so no opt-in is needed.

How can users adopt this feature in their clusters?

To take advantage of fine-grained authorization, cluster administrators should replace broad nodes/proxy ClusterRoles with specific ones for each workload. For example, create a ClusterRole that only allows get on nodes/metrics, nodes/stats, and nodes/log for a logging agent. Tools like kubectl and monitoring systems may need RBAC adjustments. The Kubernetes documentation provides examples of new RBAC rules. Since the feature is GA, no feature gate changes are required. Start auditing existing RBAC bindings that use nodes/proxy and gradually migrate to the new granular permissions for better security posture.
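As an added illustration (not kubelet's own code or any project's code), the following Python models the path-to-subresource mapping described above and evaluates three constructed rule sets against it: the old broad nodes/proxy role, a read-only nodes/proxy role, and the granular role a monitoring agent would receive after migration. The path table, the /pods and /logs entries, and the nodes/proxy fallback are assumptions drawn from the article's description, not from the kubelet source.

```python
"""Simplified model of fine-grained kubelet API authorization.
Assumption: illustrative code, not kubelet's implementation."""

# Kubelet path prefix -> fine-grained subresource (assumed table; the
# /pods -> nodes/pods and /logs -> nodes/log entries are assumptions).
PATH_TO_SUBRESOURCE = {
    "/exec": "nodes/exec",
    "/metrics": "nodes/metrics",
    "/stats": "nodes/stats",
    "/logs": "nodes/log",
    "/pods": "nodes/pods",
}
HTTP_VERB = {"GET": "get", "POST": "create"}
LEGACY = "nodes/proxy"  # broad subresource still honoured for compatibility


def required_attributes(method, path):
    """Return the (resource, verb) pair a request must be authorized for."""
    for prefix, resource in PATH_TO_SUBRESOURCE.items():
        if path == prefix or path.startswith(prefix + "/"):
            break
    else:
        raise ValueError(f"unmapped kubelet path: {path}")
    verb = HTTP_VERB[method]
    # A WebSocket exec session opens with an HTTP GET handshake and then
    # runs commands, so /exec always requires 'create', never just 'get'.
    if resource == "nodes/exec":
        verb = "create"
    return resource, verb


def authorize(rules, method, path):
    """rules mirror the rules[] of an RBAC ClusterRole ('resources' and
    'verbs'). Fine-grained match first, then the legacy nodes/proxy
    fallback, which must carry the same verb."""
    resource, verb = required_attributes(method, path)
    return any(verb in r["verbs"]
               and (resource in r["resources"] or LEGACY in r["resources"])
               for r in rules)


# Constructed rule sets: the old broad binding, a read-only nodes/proxy
# binding, and the granular role recommended for a monitoring agent.
BROAD_PROXY_ROLE = [{"resources": ["nodes/proxy"], "verbs": ["get", "create"]}]
READONLY_PROXY_ROLE = [{"resources": ["nodes/proxy"], "verbs": ["get"]}]
MONITORING_ROLE = [{"resources": ["nodes/metrics", "nodes/stats"],
                    "verbs": ["get"]}]
```

Running `authorize(MONITORING_ROLE, "GET", "/exec/ns/pod/ctr")` returns False while the same role is allowed /metrics and /stats/summary, and the read-only nodes/proxy role is likewise denied /exec because the handshake's GET is treated as create.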

What does this graduation to GA signify for the community?

General availability means the fine-grained kubelet authorization is production-ready, stable, and supported long-term. It addresses a long-standing security concern voiced in issue #83465 and closes a major gap in Kubernetes’ default security model. By enabling least-privilege access, it reduces the blast radius of compromised monitoring or logging workloads. This milestone encourages broader adoption of secure practices across the ecosystem and signals that Kubernetes continues to mature its security foundations. The feature is now recommended for all clusters, especially those with multi-tenant or sensitive workloads.