How to create Kubernetes users limited to namespaces
You could setup ABAC (http://kubernetes.io/docs/admin/authorization/) and limit users to namespaces:
In the policy file you would have something like this if your user was bob
and you wanted to limit him to the namespace projectCaribou
:
{ "apiVersion": "abac.authorization.kubernetes.io/v1beta1", "kind": "Policy", "spec": { "namespace": "projectCaribou", "readonly": true, "resource": "pods", "user": "bob" }}