Authentication using Client Certificates should be disabled

Description

Client certificate authentication should be disabled. Client certificates require rotation, and Kubernetes currently has no mechanism to revoke one once it has been issued, so a leaked certificate stays valid until it expires. Use another authentication method, such as OAuth, instead.

Note: Basic authentication (static password) was removed from Kubernetes in v1.19.

Remediation

  1. Go to Kubernetes Engine in the Google Cloud console
  2. Click CREATE CLUSTER
  3. Configure the cluster as required, then click the Availability, networking, security, and additional features section
  4. Ensure that the Issue a client certificate checkbox is not ticked
  5. Click CREATE.
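The console steps above apply to new clusters; existing clusters can be audited from the output of `gcloud container clusters list --format=json`. The following added check (not part of this page or of any vendor tool) runs over a constructed sample of that output and flags clusters whose `masterAuth` section either has `clientCertificateConfig.issueClientCertificate` set or still carries a `clientCertificate` value; the cluster names and certificate strings are made up.

```python
import json

# Constructed sample shaped like `gcloud container clusters list --format=json`,
# trimmed to the fields relevant to client-certificate authentication.
SAMPLE_CLUSTERS_JSON = """
[
  {"name": "legacy-prod",
   "masterAuth": {"clientCertificateConfig": {"issueClientCertificate": true},
                  "clientCertificate": "LS0tLS1CRUdJTi...(constructed)"}},
  {"name": "hardened",
   "masterAuth": {"clientCertificateConfig": {"issueClientCertificate": false}}},
  {"name": "old-default",
   "masterAuth": {"clientCertificate": "LS0tLS1CRUdJTi...(constructed)"}}
]
"""


def client_cert_enabled(cluster):
    """Return True if the cluster issues or still carries a client certificate."""
    master_auth = cluster.get("masterAuth") or {}
    cfg = master_auth.get("clientCertificateConfig") or {}
    if cfg.get("issueClientCertificate", False):
        return True
    # Clusters created before the config flag existed may carry a certificate
    # with no clientCertificateConfig block at all, so check the value too.
    return bool(master_auth.get("clientCertificate"))


def find_noncompliant(clusters_json):
    """Names of clusters (sorted) that still allow client-certificate auth."""
    clusters = json.loads(clusters_json)
    return sorted(c["name"] for c in clusters if client_cert_enabled(c))


if __name__ == "__main__":
    for name in find_noncompliant(SAMPLE_CLUSTERS_JSON):
        # The creation-time gcloud equivalent of the unticked console checkbox
        # is the documented --no-issue-client-certificate flag.
        print(f"{name}: client certificate authentication enabled; recreate the "
              "cluster with `gcloud container clusters create ... "
              "--no-issue-client-certificate`")
```

Feed it real `gcloud` JSON to get the list of clusters that need recreating.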

References