From 460efa699062fcbcc1d17c0fbf82f6fcc8a6fa34 Mon Sep 17 00:00:00 2001
From: arcreigh <arcreigh@gmail.com>
Date: Tue, 3 Nov 2020 10:35:55 -0500
Subject: [PATCH] Remove ability for anonymous authentication

Add --anonymous-auth=false \\
As the default allows anonymous authentication
--anonymous-auth     Default: true
Enables anonymous requests to the secure port of the API server. Requests that are not rejected by another authentication method are treated as anonymous requests. Anonymous requests have a username of system:anonymous, and a group name of system:unauthenticated.
---
 docs/08-bootstrapping-kubernetes-controllers.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docs/08-bootstrapping-kubernetes-controllers.md b/docs/08-bootstrapping-kubernetes-controllers.md
index e64e8a2..944ddd3 100644
--- a/docs/08-bootstrapping-kubernetes-controllers.md
+++ b/docs/08-bootstrapping-kubernetes-controllers.md
@@ -74,6 +74,7 @@ Documentation=https://github.com/kubernetes/kubernetes
 ExecStart=/usr/local/bin/kube-apiserver \\
   --advertise-address=${INTERNAL_IP} \\
   --allow-privileged=true \\
+  --anonymous-auth=false \\
   --apiserver-count=3 \\
   --audit-log-maxage=30 \\
   --audit-log-maxbackup=3 \\