You should disable Attribute-Based Access Control (ABAC), and instead use Role-Based Access Control (RBAC) in GKE.
RBAC has significant security advantages and is now stable in Kubernetes, so it’s time to disable ABAC.
ABAC permissions are less secure than RBAC permissions
Switch to using RBAC permissions
The following example will fail the google-gke-use-rbac-permissions check.
The following example will pass the google-gke-use-rbac-permissions check.