Hello .. I am confused on how users, role, rolebinding, clusterrole , clusterbin . . .

I Malla:
Hello … I am confused on how users, role, rolebinding, clusterrole , clusterbinding link each other.

So users are mentioned in kubeconfig with their certificate. The roles are made and rolebinding binds the user to roles.
Similarly, clusterrole are made and clusterrolebinding binds the user to clusterrole.
Basically I understood roles are for namespaced scope object and clusterrole are for clusterscoped objects.

But having said so , first of all there needs to be a user created in kubeconfig right?
There is no validation if a user is created or not when creating bindings with that user.
Also, who manages kubeconfig ? And suppose there are 30 employees then , kubeconfig is managed manually in each with different user and certificate ?

Don’t know if these are needed for certification but I am confused how things work in real world .

Hinodeya:
@I Malla Honestly read man you have all informations on the official documentation https://kubernetes.io/docs/reference/access-authn-authz/rbac/

Fernando Jimenez:

And suppose there are 30 employees then , kubeconfig is managed manually in each with different user and certificate ?

Kubernetes does not have users. To authenticate (to accept you are you) it allows other mechanisms to tell it that. One of those mechanisms is via certificates. Which it is not very maintainable friendly at scale. However, there are other ways of telling, a human person is who the person is. For the scope of this exam you need to know the certificate mechanism.