1.1.3 Ensure that the --insecure-allow-any-token argument is not set
Information
Do not allow any insecure tokens Rationale: Accepting insecure tokens would allow any token without actually authenticating anything. User information is parsed from the token and connections are allowed.
Solution
Edit the API server pod specification file '/etc/kubernetes/manifests/kube-apiserver.yaml' on the master node and remove the '--insecure-allow-any-token' parameter.