How is a new user, such as "batman", associated with a group in Kubernetes RBAC?

Study for the Kubernetes Cloud Native Associate (KCNA) Certification 1 Test. Master the core concepts of Kubernetes with multiple-choice questions and detailed explanations. Prepare and boost your confidence for the KCNA certification exam!

Multiple Choice

How is a new user, such as "batman", associated with a group in Kubernetes RBAC?

When using certificate-based authentication, Kubernetes derives the user identity and group membership from the client certificate's subject. The user name typically comes from the Common Name (CN), and groups can be sourced from the Organization (O) field. So to associate a user like batman with a group, you embed the group name in the O field of batman’s certificate; the API server will treat batman as the user and use the O field to populate the groups batman belongs to. You can then grant permissions to that user or to that group via RoleBinding or ClusterRoleBinding.

The other options don’t establish that association: editing etcd directly isn’t how RBAC groups are defined, a Namespace scopes access but doesn’t define identity or groups, and RoleBinding is used to grant permissions rather than define how a user maps to a group.

How is a new user, such as "batman", associated with a group in Kubernetes RBAC?

Study for the Kubernetes Cloud Native Associate (KCNA) Certification 1 Test. Master the core concepts of Kubernetes with multiple-choice questions and detailed explanations. Prepare and boost your confidence for the KCNA certification exam!

How is a new user, such as "batman", associated with a group in Kubernetes RBAC?

Get the latest from Examzify