How to create Kubernetes users limited to namespaces


I have a hard time trying to set up my (test) Kubernetes cluster so that it have a few users and a few namespaces, and a user can only see specific namespaces. Is there a way to do that? If yes, what is needed to

  1. Create a user
  2. Limit a user to a specific namespace or namespaces
  3. Use Kubernetes (via kubectl) as a specific user
-- user308993

1 Answer


You could setup ABAC ( and limit users to namespaces:

In the policy file you would have something like this if your user was bob and you wanted to limit him to the namespace projectCaribou:

  "apiVersion": "",
  "kind": "Policy",
  "spec": {
    "namespace": "projectCaribou",
    "readonly": true,
    "resource": "pods",
    "user": "bob"
-- Steve Sloka
Source: StackOverflow