https://rancher.com/ logo
Title
c

clean-sundown-64594

10/20/2022, 8:39 PM
Good afternoon. I’m running into a problem in my cluster. 2 days ago my team tried to conduct an upgrade to 2.6.8. In the process it looks like a ClusterRolebinding called
cattle-unauthenticated
was created on the local cluster. This triggered some security alarm bells and I need to confirm whether or not it was us. I cannot find this in the helm chart so I’m wondering if an operator did this.
c

clean-sundown-64594

10/20/2022, 8:51 PM
ok, so this is what’s creating that role binding?
I’m not fluent in go, but it looks like that’s what’s happening here.
f

full-painter-23916

10/20/2022, 8:53 PM
yes
It allows read access (
get
) to a limited set of settings that the UI uses before you're logged in
c

clean-sundown-64594

10/20/2022, 8:54 PM
ok
It raised red flags in AWS GuardDuty.
I appreciate your help @full-painter-23916 tremendously
👍 1