Sequence of commands to replace cluster administrator in AKS (with RBAC)

4/13/2019

I am looking at replacing the current cluster administrator (single user account) with a service account as well as a group account. Does the follow sequence of action make sense? a) Create a cluster role binding (with the 2 new subjects) b) Delete the existing cluster role binding (with the existing subject)

Also, does the act of editing cluster admins have an impact on other resources with the cluster?

-- Nick

azure-aks

kubernetes

Similar Questions

Wildcard Let's Encrypt certificates with cert-manager, nginx ingress, cloudflare in kubernetes how to fix?

How to handle database migrations with Kubernetes and Skaffold

Private docker registry on Kubernetes

EKS Node EC2 instance gets terminated

How to handle pods shutdown gracefully in microservices architechture

ErrImageNeverPull error in kubernetes of windows docker desktop

microk8s - helm3 / function "lookup" not defined

K8s cluster is healthy, but kubelet display unusual message repeatedly every minute

Stop replication through kubernetes

1 Answer

4/13/2019

Yes, that would work, just create a new cluster role binding and delete the old one
No, editing cluster role bindings have no effect on other resources unless they are using that service account\user which was using the cluster role binding (i.e. tiller or pod service accounts).

-- 4c74356b41

Source: StackOverflow