The object in Kubernetes used to grant permissions to a cluster-wide resource is ClusterRoleBinding. A ClusterRoleBinding is a cluster-scoped object that grants permissions defined in a ClusterRole to one or more subjects, such as users, groups, or service accounts5. A ClusterRole is a cluster-scoped object that defines a set of permissions on cluster-scoped resources (like nodes) or namespaced resources (like pods) across all namespaces5. For example, a ClusterRoleBinding can be used to allow a particular user to run kubectl get pods --all-namespaces by granting them the permissions defined in a ClusterRole that allows listing pods in any namespace6. References: Using RBAC Authorization | Kubernetes, Cluster Roles and Cluster Roles Binding in Kubernetes | ANOTE.DEV
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit