[[There are no Deny rules in Kubernetes RBAC]]

[[ClusterRoles can be applied to one or more namespaces]]

[[RBAC permissions are additive]]

[[ServiceAccounts are only used by non-humans]]

[[Users do not live in the cluster as resources]]

## Links:



202404011006