Authentication using Client Certificates should be disabled

Description

Client certificates, which require certificate rotation, should be disabled for authentication. Kubernetes does not currently have a way to revoke certificates, so you should use another authentication method such as OAuth.

Note: Basic authentication (static password) has been removed from Kubernetes as of v1.19.

Remediation

  1. Go to the Kubernetes Engine
  2. Click CREATE CLUSTER
  3. Configure the cluster as required, then click the Availability, networking, security, and additional features section
  4. Ensure that the Issue a client certificate checkbox is not ticked
  5. Click CREATE.
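
To check existing clusters for the same setting, the following added example (not part of the original rule) parses cluster descriptions in the JSON shape returned by `gcloud container clusters list --format=json` and flags any cluster that was issued a client certificate. The sample data and the function name `client_cert_findings` are constructed for illustration, and the script assumes the clusters are GKE clusters exposing the `masterAuth` fields of the GKE API.

```python
import json

# Constructed sample shaped like `gcloud container clusters list --format=json`
# output (GKE API Cluster objects). Names and values are placeholders.
SAMPLE_CLUSTERS_JSON = """
[
  {"name": "legacy-prod", "location": "us-central1-a",
   "masterAuth": {"clusterCaCertificate": "PLACEHOLDER_CA",
                  "clientCertificate": "PLACEHOLDER_CERT",
                  "clientKey": "PLACEHOLDER_KEY",
                  "clientCertificateConfig": {"issueClientCertificate": true}}},
  {"name": "new-prod", "location": "europe-west1",
   "masterAuth": {"clusterCaCertificate": "PLACEHOLDER_CA",
                  "clientCertificateConfig": {}}},
  {"name": "dev", "location": "us-east1-b",
   "masterAuth": {"clusterCaCertificate": "PLACEHOLDER_CA"}}
]
"""


def client_cert_findings(clusters):
    """Return one finding per cluster that has client-certificate auth enabled.

    Only field names are reported; certificate and key material is never
    copied into the findings, so the output is safe to log.
    """
    findings = []
    for cluster in clusters:
        auth = cluster.get("masterAuth") or {}
        config = auth.get("clientCertificateConfig") or {}
        reasons = []
        if config.get("issueClientCertificate") is True:
            reasons.append("issueClientCertificate=true")
        # A populated certificate or key means one was issued at creation time.
        for field in ("clientCertificate", "clientKey"):
            if auth.get(field):
                reasons.append(field + " present")
        if reasons:
            findings.append({"name": cluster.get("name"),
                             "location": cluster.get("location"),
                             "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in client_cert_findings(json.loads(SAMPLE_CLUSTERS_JSON)):
        print(f"FAIL {f['name']} ({f['location']}): {', '.join(f['reasons'])}")
```

To audit real clusters, replace the sample string with the output of `gcloud container clusters list --format=json`.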
