Difference between revisions of "Kubernetes service account"
Jump to navigation
Jump to search
Tags: Mobile web edit, Mobile edit |
Tags: Mobile web edit, Mobile edit |
||
Line 1: | Line 1: | ||
* https://kubernetes.io/docs/reference/access-authn-authz/service-accounts-admin/ | * https://kubernetes.io/docs/reference/access-authn-authz/service-accounts-admin/ | ||
* https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ | * https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ | ||
− | |||
− | |||
− | |||
− | |||
https://kubernetes.io/docs/reference/access-authn-authz/rbac/ | https://kubernetes.io/docs/reference/access-authn-authz/rbac/ | ||
[[system:serviceaccount:]] (singular) is the prefix for service account usernames. | [[system:serviceaccount:]] (singular) is the prefix for service account usernames. | ||
[[system:serviceaccounts:]] (plural) is the prefix for service account groups. | [[system:serviceaccounts:]] (plural) is the prefix for service account groups. | ||
+ | * <code>[[kind: ServiceAccount]]</code> | ||
+ | * <code>[[kubernetes.io/service-account-token]]</code> | ||
+ | |||
+ | == Commands == | ||
* <code>[[kubectl get serviceaccounts]], [[kubectl get sa]]</code> | * <code>[[kubectl get serviceaccounts]], [[kubectl get sa]]</code> | ||
* <code>[[kubectl create serviceaccount]], [[kubectl create sa]]</code> | * <code>[[kubectl create serviceaccount]], [[kubectl create sa]]</code> | ||
* <code>[[kubectl describe sa]]</code> | * <code>[[kubectl describe sa]]</code> | ||
− | |||
[[Helm v2]] (deprecated) | [[Helm v2]] (deprecated) |
Revision as of 05:20, 10 March 2023
- https://kubernetes.io/docs/reference/access-authn-authz/service-accounts-admin/
- https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
https://kubernetes.io/docs/reference/access-authn-authz/rbac/
system:serviceaccount: (singular) is the prefix for service account usernames. system:serviceaccounts: (plural) is the prefix for service account groups.
Contents
Commands
kubectl get serviceaccounts, kubectl get sa
kubectl create serviceaccount, kubectl create sa
kubectl describe sa
Helm v2 (deprecated)
helm init --stable-repo-url=https://charts.helm.sh/stable --service-account tiller --tiller-image ghcr.io/helm/tiller:v2.16.1
Related
- Terraform Kubernetes resource: kubernetes_service_account
- Google Cloud Service account
- Helm:
My-first-chart/templates/serviceaccount.yaml
- Kubernetes roles
- Token:
aws eks get-token
- Serviceaccounts controller
- BoundServiceAccountTokenVolume
system:
- ServiceAccount admission controller:
/var/run/secrets/kubernetes.io/serviceaccount
Activities
- Read AWS documentation: https://docs.aws.amazon.com/eks/latest/userguide/service-accounts.html
See also
- Kubernetes service account, ServiceAccount:,
kubectl get serviceaccounts, kubectl create serviceaccount, kubectl describe serviceaccount
,kubernetes.io/service-account-token
, Kubernetes users, Kubernetes groups, Kubernetes roles,ServiceAccountTokenNodeBinding
- Kubernetes Authentication,
kubectl create serviceaccount, kubectl get serviceaccounts, CertificateSigningRequest, aws-auth
, bearer tokens, EKS Authentication - Kubernetes RBAC
kubectl auth, kubectl auth can-i, kubectl auth reconcile
kubectl create [ role | clusterrole | clusterrolebinding
|rolebinding | serviceaccount ], groups:
, Kubernetes RBAC good practices,kube2iam
, K8s Cluster roles,rbac.authorization.k8s.io
,system:
Advertising: