diff --git a/pkg/kubelet/server/auth.go b/pkg/kubelet/server/auth.go
index c5543e80a7c..7e7fdd9643a 100644
--- a/pkg/kubelet/server/auth.go
+++ b/pkg/kubelet/server/auth.go
@@ -69,11 +69,11 @@ func isSubpath(subpath, path string) bool {
 //	/metrics/*		=> verb=<api verb from request>, resource=nodes, name=<node name>, subresource(s)=metrics
 //	/logs/*			=> verb=<api verb from request>, resource=nodes, name=<node name>, subresource(s)=log
 //	/checkpoint/*	=> verb=<api verb from request>, resource=nodes, name=<node name>, subresource(s)=checkpoint
+//	/statusz 		=> verb=<api verb from request>, resource=nodes, name=<node name>, subresource(s)=statusz
 //	/pods/*			=> verb=<api verb from request>, resource=nodes, name=<node name>, subresource(s)=pods,proxy
 //	/runningPods/*	=> verb=<api verb from request>, resource=nodes, name=<node name>, subresource(s)=pods,proxy
 //	/healthz/* 		=> verb=<api verb from request>, resource=nodes, name=<node name>, subresource(s)=healthz,proxy
 //	/configz 		=> verb=<api verb from request>, resource=nodes, name=<node name>, subresource(s)=configz,proxy
-//	/statusz 		=> verb=<api verb from request>, resource=nodes, name=<node name>, subresource(s)=statusz,proxy
 func (n nodeAuthorizerAttributesGetter) GetRequestAttributes(u user.Info, r *http.Request) []authorizer.Attributes {
 
 	apiVerb := ""
@@ -101,8 +101,6 @@ func (n nodeAuthorizerAttributesGetter) GetRequestAttributes(u user.Info, r *htt
 			subresources = append(subresources, "healthz")
 		case isSubpath(requestPath, configz.DefaultConfigzPath):
 			subresources = append(subresources, "configz")
-		case isSubpath(requestPath, statusz.DefaultStatuszPath):
-			subresources = append(subresources, "statusz")
 		// We put runningpods last since it will allocate a new string on every
 		// check since the handler path has a trailing slash.
 		case isSubpath(requestPath, runningPodsPath):
@@ -120,6 +118,8 @@ func (n nodeAuthorizerAttributesGetter) GetRequestAttributes(u user.Info, r *htt
 		subresources = append(subresources, "log")
 	case isSubpath(requestPath, checkpointPath):
 		subresources = append(subresources, "checkpoint")
+	case isSubpath(requestPath, statusz.DefaultStatuszPath):
+		subresources = append(subresources, "statusz")
 	default:
 		subresources = append(subresources, "proxy")
 	}
diff --git a/pkg/kubelet/server/server_test.go b/pkg/kubelet/server/server_test.go
index e3b517fb4d7..7540a14fbde 100644
--- a/pkg/kubelet/server/server_test.go
+++ b/pkg/kubelet/server/server_test.go
@@ -1619,6 +1619,8 @@ func TestServePortForward(t *testing.T) {
 }
 
 func TestMetricBuckets(t *testing.T) {
+	featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, zpagesfeatures.ComponentStatusz, true)
+
 	tests := map[string]struct {
 		url    string
 		bucket string
@@ -1654,7 +1656,6 @@ func TestMetricBuckets(t *testing.T) {
 		"invalid path":                    {url: "/junk", bucket: "other"},
 		"invalid path starting with good": {url: "/healthzjunk", bucket: "other"},
 	}
-	featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, zpagesfeatures.ComponentStatusz, true)
 	fw := newServerTest()
 	defer fw.testHTTPServer.Close()