CKA Mock Exam Service Account - Cluster Role Question

Hi,

First of all great course and I’ve been an avid learner for the past year,. I’m prepping for the Exams now and this has really helped my confidence.

I do run into some questions where I feel the answers are wrong or can be more flexible.

One example is this one:

For this question, please set the context to cluster1 by running:

kubectl config use-context cluster1

Create a service account called pink-sa-cka24-arch. Further create a cluster role called pink-role-cka24-arch with full permissions on all resources in the core api group under default namespace in cluster1.

Finally create a cluster role binding called pink-role-binding-cka24-arch to bind pink-role-cka24-arch cluster role with pink-sa-cka24-arch service account.

The question asks that we grant 'full permissions but under the ‘default’ namespace. This, to me seems like a trick question - clusterroles are not namespace scoped, so the way to achieve this is via a role.

However, the solution creates a clusterrole, which will grant access to all namespaces not just the default. If this is the required output, then I guess the default namespace should not have been mentioned at all in the question, since it can lead to ambiguity about requirements.

Hi @Oche,

Thank you for your feedback, the mention here is for the service account

Thanks for the response, in that case maybe the wording should say something like

Create a service account called pink-sa-cka24-arch in the default namespace . Further create a cluster role called pink-role-cka24-arch with full permissions on all resources in the core api group under default namespace in cluster1 . reate a service account called pink-sa-cka24-arch . Further create a cluster role called pink-role-cka24-arch with full permissions on all resources in the core api group in cluster1 .