Kubernetes CKA sample exam question 82 with answer

Question
A new member Ben joins your company. He is getting on-boarded and needs access to list and view the deployments.
Create a new cluster wide role called read-only-cluster and binding named read-only-cluster-binding to grant necessary permissions to Ben.
Certificates for user ben were setup already.

Answer
Use imperative commands:

kubectl create clusterrole read-only-cluster --resource=deployments --verb=get,list
kubectl create clusterrolebinding read-only-cluster-binding --clusterrole=read-only-cluster --user=ben

Verify:

kubectl auth can-i get deploy --as ben
kubectl auth can-i list deploy --as ben

you should get yes for both