We start by creating our namespace using the below command:
We can now make our namespace secure by restricting access to it.
We could bind a "restrictive" cluster role to users using a role binding object within our namespace.
We create a RoleBinding object inside our namespace as follows:
Below is a cluster role that could only list pods:
If there are no other role bindings associating users to other roles, the users could only access this namespace.
We could also use a ResourceQuota resource to put a limit on the resources a namespace can have access to.
To limit the resources the namespace could access to "2" processor cores and "20 GB" of memory, we set these values for both the resource requests and the resource limits for the pods living in that namespace as follows: