Create a new RoleBinding named test-role-2-bind binding the newly created Role to the Pod’s ServiceAccount.
Note: Don’t delete the existing RoleBinding.
Answer: $ k edit role test-role -n database
✑ uk.co.certification.simulator.questionpool.PList@e615200
$ k create role test-role-2 -n database –resource statefulset –verb update$ k create rolebinding test-role-2-bind -n database –role test-role-2 –serviceaccount=database:test-sa
Explanation[desk@cli]$ k get pods -n database NAME READY STATUS RESTARTS AGE LABELS web-pod 1/1 Running 0 34s run=web-pod
[desk@cli]$ k get roles -n databasetest-role[desk@cli]$ k edit role test-role -n database
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
creationTimestamp: "2021-06-13T11:12:23Z"
name: test-role
namespace: database
resourceVersion: "1139"
selfLink: /apis/rbac.authorization.k8s.io/v1/namespaces/database/roles/test-role
uid: 49949265-6e01-499c-94ac-5011d6f6a353 rules:
– apiGroups:
– ""
resources:
– pods verbs:
– "*" # Delete this
– get # Replace by this
Leave a Reply