Let's perform the following steps to test the Role and RoleBinding we created earlier:
- Deploy a test pod in the secureapp namespace where the user has access:
$ cat <<EOF | kubectl --context=user3445-context apply -f -
apiVersion: v1
kind: Pod
metadata:
name: busybox
namespace: secureapp
spec:
containers:
- image: busybox
command:
- sleep
- "3600"
imagePullPolicy: IfNotPresent
name: busybox
restartPolicy: Always
EOF
List the pods in the new user's context. The same command that failed in the Creating user accounts recipe in Step 7 should now execute successfully:
$ kubectl --context=user3445-context get pods
NAME READY STATUS RESTARTS AGE
busybox 1/1 Running 1 2m
If you try to create the same pod in a different namespace, you will see that the command will fail to execute.