Kubernetes: Service Accounts

A service account provides an identity for processes that run in a Pod.

 

e.g. if you access the cluster using kubectlyou’re authenticated by apiserver as a user account (e.g. admin).

Processes in containers also contact apiserver and are authenticated (e.g. if you don’t specify an account then it’s assigned default).

 

Check pod service account name via:

kubectl get pods/podname -o yaml

and see spec.serviceAccountName

 

List service accounts:

There doesn’t seem to be a way to view them via the Kubernetes Dashboard.

 

 

https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *