Support for access restriction on consumer kubeconfig to specific Instances/Namespaces

[devdattakulkarni]

Following requirement came up recently in one of our client interactions.

They want to create separate application instances - dev, test, prod - and give access to these instances to specific users.

We support the ability to create consumer kubeconfigs via provider-kubeconfig.py. We first create a ServiceAccount for the consumer and then generate a kubeconfig file for that consumer. The SA is created in the same namespace where KubePlus is installed. The default permissions on this kubeconfig are - readonly access to most of the K8s resources across all the Namespaces. We want to evolve this to support the above requirement.