Attribute-Based Access Control (ABAC) policy will be used if you start the api-server with the --authorization-mode=ABAC option. This policy uses local files in which you can, in a flexible way, define permission every user should have. There is an additional option to provide a policy file: --authorization-policy-file, so the complete syntax to use this policy will be:
$ kube-apiserver --authorization-mode=ABAC \ --authorization-policy-file=<PATH_TO_ POLICY_FILE>
Note that any changes to policy file will require a restart of the api-server.
As you remember from Chapter 7, Introduction to Kubernetes, Kubernetes clusters use the concept of namespaces to group related resources, such as Pods, deployments, or ...