Trying to understand the roles and role and binding concept . `User` we are bind . . .

Jayesh Jose:
Trying to understand the roles and role and binding concept . User we are binding the role is the linux system user ?.https://kubernetes.io/docs/reference/access-authn-authz/rbac/

Tej_Singh_Rana:
Hello, @Jayesh Jose
User is not related to the Linux system users and groups.
User, which specified in the kubeconfig file users column to authenticate to the k8s cluster.
You can see more details about User in the k8s docs.
https://kubernetes.io/docs/reference/access-authn-authz/authentication/#users-in-kubernetes

Tej_Singh_Rana:
Hope this example will help you.

Jayesh Jose:
Thanks @Tej_Singh_Rana now I am clear with this

Pranay:
@Jayesh Jose In past I was supper confused about this - no one place was it clearly explained - but in CKA “security” section (https://kodekloud.com/courses/539883/lectures/9808250) Mumshad makes it clear .

In Plain english

Out of the box K8s does know any user - it will allow any user to come in ( Authentication )
If you want k8s to do Authentication you have to plug-in your Authentication

Above is true for “users” (human interacting with system)

Okay once user is “in” - now what they can do that is all we learn in RBAC (Authorization)

How does k8s know what is user id user is logging in - As Tej pointed out you provide that in your .kube/config file

=====
FYI : RBAC is still part of CKA - but more of user creation / CSR / various certificates etc now has moved to CKS - That is what I hear from others
Mumshad can literally copy “security” part of CKA training as-is to CKS training and it will be still be very very relevant .

Jayesh Jose:
Thank you @Pranay !! I’m clear with this now