chapter three

3 Identity and access management

This chapter covers

The basics of role-based access control
Creating roles and role bindings
Using certificates to create users and groups
Creating Service Accounts with roles
Mounting Service Accounts to pods

In this chapter, we’ll focus on role-based access control (RBAC), which is within the Cluster Architecture, Installation, and Configuration section of the exam curriculum. Now that you know how the Kubernetes API works, it’s essential to understand how to authenticate and authorize a user and a Service Account for the exam.

The Cluster Architecture, Installation, and Configuration domain

This chapter covers part of the Cluster Architecture, Installation, and Configuration domain of the Certified Kubernetes Administrator (CKA) curriculum. This domain includes a Kubernetes cluster and the ways in which we configure different aspects of the cluster. It encompasses the following competencies.

Competency	Chapter section
RBAC	3.1, 3.2, 3.3

3 Identity and access management

This chapter covers

The Cluster Architecture, Installation, and Configuration domain

3.1 Role-based access control

3.1.1 Roles and role bindings

3.1.2 System roles and groups

3.2 Users and groups

3.3 Service accounts

Summary