Replacing Users With Groups
In this lesson, we will amend the access to a cluster as a single user to a group of users.
The User-Specific Namespace
Defining a single user that can access the jdoe
Namespace was probably the best approach. We expect that only John will want to access it. He is the owner of that Namespace. It’s his private playground. Even if he chooses to add more users to it, he’ll probably do it independently from our YAML definitions.
After all, what’s the point of giving him god-like privileges if not to let him do things without asking for our permission or involvement? From our perspective, that Namespace has, and will continue having only one User.
Exploring the Prospective Roles
We cannot apply the same logic to the permissions in default
and dev
Namespaces. We might choose to give everyone in our organization the ...