How is a new user, such as "batman", associated with a group in Kubernetes RBAC?

Prepare for the KCNA Certification Test. Study with flashcards, multiple-choice questions, and detailed explanations to enhance your understanding of Kubernetes Cloud Native concepts. Ace your exam!

Multiple Choice

How is a new user, such as "batman", associated with a group in Kubernetes RBAC?

When using certificate-based authentication, Kubernetes derives the user identity and group membership from the client certificate's subject. The user name typically comes from the Common Name (CN), and groups can be sourced from the Organization (O) field. So to associate a user like batman with a group, you embed the group name in the O field of batman’s certificate; the API server will treat batman as the user and use the O field to populate the groups batman belongs to. You can then grant permissions to that user or to that group via RoleBinding or ClusterRoleBinding.

The other options don’t establish that association: editing etcd directly isn’t how RBAC groups are defined, a Namespace scopes access but doesn’t define identity or groups, and RoleBinding is used to grant permissions rather than define how a user maps to a group.

How is a new user, such as "batman", associated with a group in Kubernetes RBAC?

Prepare for the KCNA Certification Test. Study with flashcards, multiple-choice questions, and detailed explanations to enhance your understanding of Kubernetes Cloud Native concepts. Ace your exam!

How is a new user, such as "batman", associated with a group in Kubernetes RBAC?

Get the latest from Examzify