Mir Waseem Nazir:
Any Idea why the can-i command is saying no even I have proper permission set in role and role binding
Vladan Divac:
I believe the issue is that privileges are restricted only to certain pods (resource names) in the blue namespace. So, the dev user can not get all pods in the namespace but only blue-app and dark-blue-app.
Can you try with kubectl auth can-i get pod blue-app -n blue --as dev-user ?
Mir Waseem Nazir:
@Vladan Divac have tried that too, and result was no
Mir Waseem Nazir:
it was in one of the labs related to RBAC
unnivkn:
hi @Mir Waseem Nazir please go through this: https://github.com/kodekloudhub/certified-kubernetes-administrator-course