OP1:
Hi Guys, I was hoping someone could please clarify this answer for me. In the last question of the RBAC practice exam, I was told to grant the user permission to create deployments in the blue namespace. The solution says to create a new rule under the exsisting one with the apps api groups and deployments under resources. My question is why cant I just add deployments in the exsiting resource list under pods? As for the api group, it just has double quotes which includes all if i’m not mistaken.
Thank you
Aneek Bera:
k create role dev-user-role --verb=create --resource=deployments --user=dev-user --namespace=blue
Aneek Bera:
because you need to add a new user to the deployment.