This announcement marks a significant step in Kubernetes security, addressing a well-documented vulnerability where overly broad permissions could lead to remote code execution. The strongest version of this narrative highlights the collaborative effort by SIG Auth and SIG Node to implement a least-privilege model, reducing the blast radius of compromised monitoring tools. The feature’s progression from alpha to GA reflects careful testing and community feedback, ensuring backward compatibility ...