Going through the SECURITY, PRACTICE TEST CLUSTER ROLES, task “A new user michelle joined the team. She will be focusing on the nodes in the cluster. Create the required ClusterRoles and ClusterRoleBindings so she gets access to the nodes.”
Please could anyone clarify what is the difference between two methods of checking:
k get nodes --as michele and
kubectl auth can-i list nodes --as michelle?
Should both commands get same results?
And I discovered that maybe applying of cluster roles take some time. Because when I execute
first time I’ve got
controlplane ~ ✖ k get nodes --as michele Error from server (Forbidden): nodes is forbidden: User "michele" cannot list resource "nodes" in API group "" at the cluster scope
But after some time I’ve got
controlplane ~ ➜ k get nodes --as michelle NAME STATUS ROLES AGE VERSION controlplane Ready control-plane,master 16m v1.26.0+k3s1
How long this applying will took?