Q: 8
Create a new ServiceAccount named backend-sa in the existing namespace default, which has the
capability to list the pods inside the namespace default.
Create a new Pod named backend-pod in the namespace default, mount the newly created sa
backend-sa to the pod, and Verify that the pod is able to list pods.
Ensure that the Pod is running.
Your Answer
Discussion
backend-sa.yaml including ServiceAccount, Role, RoleBinding, and Pod definition. No explanation needed for this one.
backend-sa.yaml with all required objects (ServiceAccount, Role, RoleBinding, Pod). Just doing SA alone is a trap since it won’t grant list permission. Practice tests like this usually expect the full YAML.
Nah, just having the ServiceAccount isn't enough. You need the Role and RoleBinding too or else backend-sa won't be able to list pods. I've seen similar questions where people miss that step. Pretty sure you need all three in the YAML here. Agree?
No, just creating backend-sa.yaml on its own isn't enough. Only making the ServiceAccount won't let the pod list pods since it needs RBAC permissions too.
backend-sa.yaml
Be respectful. No spam.
