Cert authen will grant full access to the user.
From: https://cloud.google.com/kubernetes-engine/docs/how-to/iam-integration --- Using legacy cluster certificate or user credentials Kubernetes Engine clusters also accept both the cluster certificate and a username with password. Requests with either of these methods have full authorization inside the cluster, and are not controlled by IAM. --- -- You received this message because you are subscribed to the Google Groups "Kubernetes user discussion and Q&A" group. To unsubscribe from this group and stop receiving emails from it, send an email to kubernetes-users+unsubscr...@googlegroups.com. To post to this group, send email to kubernetes-users@googlegroups.com. Visit this group at https://groups.google.com/group/kubernetes-users. For more options, visit https://groups.google.com/d/optout.
