Which RBAC component binds a user or group to a ClusterRole for cluster-wide permissions?

Prepare for the Kubernetes Cloud Native Associate (KCNA) Certification test with engaging questions and detailed explanations. Perfect your knowledge and boost your confidence to pass the exam successfully!

Multiple Choice

Which RBAC component binds a user or group to a ClusterRole for cluster-wide permissions?

Explanation:
Cluster-wide access in Kubernetes RBAC is granted by binding subjects to a ClusterRole using a ClusterRoleBinding. This binding connects users, groups, or service accounts to a ClusterRole, so the resulting permissions apply across the entire cluster. In contrast, binding a subject to a Role within a specific namespace (RoleBinding) limits those permissions to that namespace. A Namespace is just a scope, not a binding mechanism, and while a ServiceAccount can be a subject, binding it to a Role in a namespace yields namespace-scoped access. So the mechanism that provides cluster-wide permissions is ClusterRoleBinding.

Cluster-wide access in Kubernetes RBAC is granted by binding subjects to a ClusterRole using a ClusterRoleBinding. This binding connects users, groups, or service accounts to a ClusterRole, so the resulting permissions apply across the entire cluster. In contrast, binding a subject to a Role within a specific namespace (RoleBinding) limits those permissions to that namespace. A Namespace is just a scope, not a binding mechanism, and while a ServiceAccount can be a subject, binding it to a Role in a namespace yields namespace-scoped access. So the mechanism that provides cluster-wide permissions is ClusterRoleBinding.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy