Role-based access control is an important component when it comes to managing a Kubernetes cluster securely. The more users and automated processes there are that need to interface with the Kubernetes API, the more important controlling access becomes. In this lab, you will have the opportunity to practice your skills with the Kubernetes RBAC system by implementing your own RBAC permissions to appropriately limit user access.
Successfully complete this lab by achieving the following learning objectives:
- Create a Role for the `dev` User
Create a role called
pod-reader. Provide it with read access to pods and container logs in the
- Bind the Role to the `dev` User and Verify Your Setup Works
Create a RoleBinding to bind the
pod-readerrole to the
devuser. Interact with pods in the
beebox-mobilenamespace to make sure you can read pod metadata and container logs as the
devuser but not make any changes.