Kubernetes v1.35: Restricting executables invoked by kubeconfigs via exec plugin allowList added to kuberc
Source: Kubernetes Blog
Overview
Kubernetes v1.35 introduces a credential plugin policy and allowlist that let you restrict which executables defined in a kubeconfig’s exec plugin can be run by kubectl. This helps mitigate supply‑chain attacks where a compromised kubeconfig could invoke arbitrary code on the client machine.
How it works
The functionality is documented in the official kuberc reference. It is available as a beta feature in Kubernetes 1.35 without any feature gates.
Default behavior
If you do not add any of the new fields, kubectl behaves as before and all credential plugins are allowed.
apiVersion: kubectl.config.k8s.io/v1beta1
kind: Preference
Explicit allow‑all
You can make the default explicit by setting the policy to AllowAll.
apiVersion: kubectl.config.k8s.io/v1beta1
kind: Preference
credentialPluginPolicy: AllowAll
Deny all (debugging)
If you are unsure whether your kubeconfig uses exec credential plugins, set the policy to DenyAll. kubectl will reject any plugin execution and report which plugin it would have tried to run. Only the plugin belonging to the context in use is reported, so repeat the check for each context you rely on.
apiVersion: kubectl.config.k8s.io/v1beta1
kind: Preference
credentialPluginPolicy: DenyAll
Running a command with this policy will produce an error such as:
Unable to connect to the server: getting credentials: plugin "cloudco-login" not allowed: policy set to "DenyAll"
Increase the verbosity of kubectl to get more details:
kubectl get pods --v=5
Selectively allowing plugins
When you need specific plugins, use the Allowlist policy and list the permitted executables.
apiVersion: kubectl.config.k8s.io/v1beta1
kind: Preference
credentialPluginPolicy: Allowlist
credentialPluginAllowlist:
- name: /usr/local/bin/cloudco-login # full path
- name: get-identity # basename, resolved via exec.LookPath
- Full path entries are preferred: a basename matches whatever binary of that name exec.LookPath finds first on PATH, so a full path narrows the allowed scope to a single file.
- Basename entries are resolved using exec.LookPath; globbing and wildcards are not supported.
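The script below is an added example, not code from the blog post or from kubectl. It complements the DenyAll check above by listing every exec plugin a kubeconfig declares (rather than one context at a time) and then pins each basename to a full path, as the Allowlist section recommends, using Python's shutil.which as a stand-in for Go's exec.LookPath. The sample kubeconfig, its users, the plugin names cloudco-login and get-identity, and the paths are constructed for illustration; the input format is the JSON form a real kubeconfig takes from `kubectl config view --raw -o json`.

```python
"""Audit a kubeconfig for exec credential plugins and emit a kuberc Allowlist.

Added example; not code from the Kubernetes blog post or from kubectl.
Input is a kubeconfig in JSON form (e.g. `kubectl config view --raw -o json`).
shutil.which stands in for Go's exec.LookPath when pinning basenames to paths.
"""
import json
import os
import shutil
import sys

# Constructed sample kubeconfig. The users, plugin names and paths are
# hypothetical; kubectl accepts JSON kubeconfigs because YAML is a superset.
SAMPLE_KUBECONFIG = json.dumps({
    "apiVersion": "v1",
    "kind": "Config",
    "users": [
        {"name": "cloudco-user",
         "user": {"exec": {"apiVersion": "client.authentication.k8s.io/v1",
                           "command": "/usr/local/bin/cloudco-login",
                           "args": ["--cluster", "prod"]}}},
        {"name": "oidc-user",
         "user": {"exec": {"apiVersion": "client.authentication.k8s.io/v1",
                           "command": "get-identity"}}},
        {"name": "token-user",
         "user": {"token": "REDACTED"}},  # no exec plugin: ignored
    ],
})


def exec_commands(kubeconfig_json):
    """Return {user name: exec command} for every user entry with an exec plugin."""
    cfg = json.loads(kubeconfig_json)
    found = {}
    for entry in cfg.get("users", []):
        plugin = (entry.get("user") or {}).get("exec") or {}
        if plugin.get("command"):
            found[entry["name"]] = plugin["command"]
    return found


def pin_to_path(command, search_path=None):
    """Turn a plugin command into a full-path allowlist entry.

    Absolute paths are kept verbatim. A basename is resolved against
    search_path (default: $PATH) with shutil.which, mirroring exec.LookPath,
    so the allowlist names the binary that would actually run today rather
    than whatever a later PATH change puts first. Returns None if unresolved.
    """
    if os.path.isabs(command):
        return command
    return shutil.which(command, path=search_path)


def build_allowlist(kubeconfig_json, search_path=None):
    """Return (allowlist, unresolved): full paths to allow, and commands that
    could not be found on the search path (left out rather than guessed)."""
    allowlist, unresolved = [], []
    for _user, cmd in sorted(exec_commands(kubeconfig_json).items()):
        resolved = pin_to_path(cmd, search_path)
        if resolved is None:
            unresolved.append(cmd)
        elif resolved not in allowlist:
            allowlist.append(resolved)
    return allowlist, unresolved


def render_kuberc(allowlist):
    """Render a kubectl.config.k8s.io/v1beta1 Preference with the Allowlist policy."""
    lines = ["apiVersion: kubectl.config.k8s.io/v1beta1",
             "kind: Preference",
             "credentialPluginPolicy: Allowlist"]
    if allowlist:
        lines.append("credentialPluginAllowlist:")
        lines += [f"- name: {path}" for path in allowlist]
    else:
        lines.append("credentialPluginAllowlist: []")  # nothing found: allow nothing
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    # Usage: python audit_kubeconfig.py [kubeconfig.json]; defaults to the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as f:
            source = f.read()
    else:
        source = SAMPLE_KUBECONFIG
    allow, missing = build_allowlist(source)
    sys.stdout.write(render_kuberc(allow))
    for cmd in missing:
        print(f"warning: {cmd!r} not found on PATH; not added to allowlist",
              file=sys.stderr)
```

Run it on the machine where kubectl will actually execute the plugins, since the PATH resolution happens there; a basename that does not resolve is reported instead of being allowlisted, because a name that matches nothing today could match an unintended binary later. Review the generated allowlist before saving it as your kuberc.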
Future enhancements
The current allowlist entry contains only a name field. Planned improvements include:
- Checksum verification: allow a binary only if its SHA-256 hash matches a known value, e.g.:
  sha256: b9a3fad00d848ff31960c44ebb5f8b92032dc085020f857c98e32a5d5900ff9c
  path: /usr/bin/cloudco-login
- Signed binaries: restrict execution to binaries signed by trusted keys.
Get involved
The credential plugin policy is still evolving, and SIG CLI and SIG Auth welcome feedback and contributions. Join the discussion on the Kubernetes Slack channels #sig-cli and #sig-auth.