Home/

...

/

Combining Role Bindings with Namespaces

Combining Role Bindings with Namespaces

In this lesson, first, we will combine Role Bindings with Namespaces and then create a user-specific Namespace.

The Solution

The new request demanding more freedom provides an excellent opportunity to combine Namespaces with Role Bindings.

We can create a dev Namespace and allow a selected group of users to do almost anything in it. That should give developers enough freedom within the dev Namespace while avoiding the risks of negatively impacting the resources running in others.

Looking into the Definition

Let’s take a look at the auth/rb-dev.yml definition.

Press + to interact
cat auth/rb-dev.yml

The output is as follows.

Press + to interact
apiVersion: v1
kind: Namespace
metadata:
  name: dev
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: dev
  namespace: dev
subjects:
- kind: User
  name: jdoe
  apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: ClusterRole
  name: admin
  apiGroup: rbac.authorization.k8s.io

Line 1-4: The first section defines the dev Namespace.

Line 8-20: The second section specifies the binding with the same name. Since we’re using RoleBinding (not ClusterRoleBinding), the effects will ...

Access this course and 1400+ top-rated courses and projects.