How to create Kubernetes namespace restricted users

Question

How to create Kubernetes namespace restricted users

It’s hard for me to configure my (test) Kubernetes cluster so that it has multiple users and multiple namespaces, and the user can only see specific namespaces. Is there any way to do this? If so, what do you need for

Create user
Restrict a user to a specific namespace or namespaces
Use Kubernetes (via kubectl) as a specific user

+5

namespaces kubernetes

user308993 Feb 27 '16 at 0:36

source share

1 answer

Steve sloka · Answer 1 · 2016-06-01T12:11:10+0000

You can configure ABAC ( http://kubernetes.io/docs/admin/authorization/ ) and restrict users to a namespace:

In the policy file, you will have something like this if your user was bob and you wanted to limit it to the projectCaribou namespace:

 { "apiVersion": "abac.authorization.kubernetes.io/v1beta1", "kind": "Policy", "spec": { "namespace": "projectCaribou", "readonly": true, "resource": "pods", "user": "bob" } }

How to create Kubernetes namespace restricted users

More articles: