...

/

Peeking into Pre-Defined Cluster Roles

Peeking into Pre-Defined Cluster Roles

In this lesson, we will look into all the pre-defined cluster roles.

Switching from John to Us

John is frustrated. He can access the cluster, but he is not permitted to perform any operation. He cannot even list the Pods. Naturally, he asked us to be more generous and allow him to “play” with our cluster.

Since we are not taking anything for granted, we decided that the first action should be to verify John’s claim. Is it true that he cannot even retrieve the Pods running inside the cluster?

Before we move further, we’ll stop impersonating John and go back to using the cluster with god-like administrative privileges granted to the minikube user.

Press + to interact
kubectl config use-context minikube
kubectl get all

Now that we switched to the minikube context (and the minikube user), we regained full permissions, and kubectl get all returned all the objects from the default Namespace.

Let’s verify that John indeed cannot list Pods in the default Namespace.

We could configure the same certificates as those he’s using, but that would complicate the process. Instead, we’ll use a kubectl command that will allow us to check whether we could perform an action if we would be a ...

Access this course and 1400+ top-rated courses and projects.