Alex Tsmokalyuk:
Guys, can I create serviceaccount and clusterrole and then bind them using role binding and not clusterrolebinding? If yes, what would be the difference?
Nitish Patni:
service account is namespaced resource and can work within namespace
clusterrole is clustered resource , work across cluster
rolebinding is specific to namespace resource whereas clusterrolebinding can be used to bind clusterroles accross resource. but clusterrolebinding can also be done using roles as well…so it’s totally depend on the qeury
binding you can use either an existing clusterrole which canbe cluster wide but binding with specific sa which is namespaced will limit it’s access
Alex Tsmokalyuk:
The difference is scope. Thank you brother!
unnivkn:
Hi @Alex Tsmokalyuk fyr: https://kodekloud.slack.com/archives/CHMV3P9NV/p1663176387473889?thread_ts=1663124763.658059&cid=CHMV3P9NV
Aneek Bera:
In short in this case ----------> ClusterRole + RoleBinding = Role + RoleBinding