Replacing Users with Groups
Learn to amend the access to a cluster as a single user to a group of users.
The user-specific namespace
Defining a single user that can access the jdoe
namespace is probably the best approach. We expect that only John will want to access it. They are the owner of that namespace. It’s their private playground. Even if they choose to add more users to it, they’ll probably do it independently from our YAML definitions.
After all, what’s the point of giving them all privileges if not to let them do things without asking for our permission or involvement? From our perspective, namespace has, and will continue to have only one user.
Exploring the prospective roles
We cannot apply the same logic to the permissions in the default
and dev
namespaces. We might choose to give everyone in our organization the view
role in the default
namespace. Similarly, ...