Lab: CKA Mock Exam 5/q#17

A new service account called thor-cka24-trb has been created in cluster1. Using this service account, we are trying to list and get the pods and secrets deployed in default namespace. However, this service account is not able to perform these operations.

Look into the issue and apply the appropriate fix(es) so that the service account thor-cka24-trb can perform these operations.

There isn’t a role created as per the solution mentioned. (see the screenshot attached)
kubectl get rolebinding -o yaml | grep -B 5 -A 5 thor-cka24-trb

The solution is incorrect.

So I created a clusterrole and rolebinding to associate with the clusterrole created. It is not always clear from this questions like this whether to create a rolebinding or clusterrolebinding. I think the question should also to be updated. what do you recomended doing in such situations when it is not clear?

Screenshot 2024-10-28 at 12.36.031920×1200 148 KB

Hi @sreenivasc

Could you please attempt the lab again? I tried this lab and the validation worked as expected and the ServiceAccount, Role, and RoleBinding are already available on the cluster1.

You need to update the rolebinding to get and list, pods, and secrets. And that all the task requires.

CKA-RBAC1683×829 108 KB

Regards.