Hello … I am confused on how users, role, rolebinding, clusterrole , clusterbinding link each other.
So users are mentioned in kubeconfig with their certificate. The roles are made and rolebinding binds the user to roles.
Similarly, clusterrole are made and clusterrolebinding binds the user to clusterrole.
Basically I understood roles are for namespaced scope object and clusterrole are for clusterscoped objects.
But having said so , first of all there needs to be a user created in kubeconfig right?
There is no validation if a user is created or not when creating bindings with that user.
Also, who manages kubeconfig ? And suppose there are 30 employees then , kubeconfig is managed manually in each with different user and certificate ?
Don’t know if these are needed for certification but I am confused how things work in real world .