Restrict kubelet nodes to reading only objects associated with them. Rationale: The Node authorization mode only allows kubelets to read Secret, ConfigMap, PersistentVolume, and PersistentVolumeClaim objects associated with their nodes. Impact: None
Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the master node and set the --authorization-mode parameter to a value that includes Node. --authorization-mode=Node,RBAC Default Value: By default, Node authorization is not enabled.