While practising the Labs for ClusterRole bindings, i am able to create the cul . . .

Mayur Shivram Kadam:
While practising the Labs for ClusterRole bindings, i am able to create the culsterrole and clusterrolebinding and the answer is validated successfully, but when i’m trying to check the permission to the user using --as i see the user does not have the clusterrole permission given to the user. Why is this so ?
Can someone please help/guide me here to understand ?
@Mumshad Mannambeth @Vijin Palazhi @Tej_Singh_Rana :

[email protected]:~# k create clusterrole storage-admin --resource=persistentvolumes,storageclasses --verb=get
<http://clusterrole.rbac.authorization.k8s.io/storage-admin|clusterrole.rbac.authorization.k8s.io/storage-admin> created
[email protected]:~# 
[email protected]:~# 
[email protected]:~# k create clusterrolebinding michelle-storage-admin --user=michelle --clusterrole=storage-admin
<http://clusterrolebinding.rbac.authorization.k8s.io/michelle-storage-admin|clusterrolebinding.rbac.authorization.k8s.io/michelle-storage-admin> created
[email protected]:~# 
[email protected]:~# 
[email protected]:~# k get pv --as michelle              
Error from server (Forbidden): persistentvolumes is forbidden: User "michelle" cannot list resource "persistentvolumes" in API group "" at the cluster scope
[email protected]:~# 
[email protected]:~# 
[email protected]:~# k describe clusterrole storage-admin
Name:         storage-admin
Labels:       &lt;none&gt;
Annotations:  &lt;none&gt;
PolicyRule:
  Resources                      Non-Resource URLs  Resource Names  Verbs
  ---------                      -----------------  --------------  -----
  persistentvolumes              []                 []              [get]
  <http://storageclasses.storage.k8s.io|storageclasses.storage.k8s.io>  []                 []              [get]
[email protected]:~#

Ashok Kumar:
Right way of checking is using the authapi

kubectl auth can-i get pv --as michelle

Ashok Kumar:
If you are interested in running the get command without auth api then you need to place michelle certificates on your kubeconfig file

Mayur Shivram Kadam:
@Ashok Kumar: Thanks for pointing , indeed i used the wrong command without “auth can-i” .