Kubernetes: Service Accounts

A service account provides an identity for processes that run in a Pod.


e.g. if you access the cluster using kubectlyou’re authenticated by apiserver as a user account (e.g. admin).

Processes in containers also contact apiserver and are authenticated (e.g. if you don’t specify an account then it’s assigned default).


Check pod service account name via:

kubectl get pods/podname -o yaml

and see spec.serviceAccountName


List service accounts:

kubectl get serviceAccounts

There doesn’t seem to be a way to view them via the Kubernetes Dashboard.






Leave a Reply

Your email address will not be published. Required fields are marked *