Difference between revisions of "Kubernetes Authentication"

From wikieduonline
Jump to navigation Jump to search
Line 2: Line 2:
  
 
* [[Service accounts]]
 
* [[Service accounts]]
* [[Users]]: "normal" user accounts cannot be added via an API call, any user that presents a valid [[certificate]] signed by the cluster's [[certificate authority]] (CA) is considered authenticated.<ref>https://kubernetes.io/docs/reference/access-authn-authz/authentication/#users-in-kubernetes</ref>
+
* [[Users]]: "normal" user accounts cannot be added via an API call, any user that presents a valid [[certificate]] signed by the cluster's [[certificate authority]] (CA) is considered authenticated.<ref>https://kubernetes.io/docs/reference/access-authn-authz/authentication/#users-in-kubernetes</ref>. Kubernetes determines the username from the common name field in the <code>'subject'</code> of the cert (e.g., <code>"/CN=your-user"</code>).
  
  

Revision as of 16:09, 25 August 2022

https://kubernetes.io/docs/reference/access-authn-authz/authentication/

  • Service accounts
  • Users: "normal" user accounts cannot be added via an API call, any user that presents a valid certificate signed by the cluster's certificate authority (CA) is considered authenticated.[1]. Kubernetes determines the username from the common name field in the 'subject' of the cert (e.g., "/CN=your-user").


Authorization: Bearer 31ada4fd-adec-460c-809a-9e56ceb75269


Related

See also

  • https://kubernetes.io/docs/reference/access-authn-authz/authentication/#users-in-kubernetes
    • Retrieved from "https://www.wikieduonline.com/index.php?title=Kubernetes_Authentication&oldid=171404"

    Advertising: