Initially I thought Node Authorization is separate Authorization mechanism but when I checked the ClusterRole and Binding I see system:node role which has enough permission for Node to operate. so Node Authorization also uses the RBAC in behind the scenes?
If someone already aware, Kindle clarify. Thanks
As I read the documentation, it’s a distinct system that will work even if RBAC is disabled for some reason. It also has its own option in kube-apiserver’s switches:
--authorization-mode=Node,RBAC