Difference between revisions of "Kubernetes service account"

From wikieduonline
Jump to navigation Jump to search
 
(43 intermediate revisions by 6 users not shown)
Line 1: Line 1:
https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+
* https://kubernetes.io/docs/reference/access-authn-authz/service-accounts-admin/
* [[Terraform Kubernetes resource: kubernetes_service_account]]
+
* https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
 +
* https://kubernetes.io/docs/reference/access-authn-authz/rbac/
 +
[[system:serviceaccount:]] (singular) is the prefix for service account usernames.
 +
[[system:serviceaccounts:]] (plural) is the prefix for service account groups.
  
 +
* <code>[[kind: ServiceAccount]]</code>
 +
* <code>[[kubernetes.io/service-account-token]]</code>
 +
* <code>[[My-first-chart/templates/serviceaccount.yaml]]</code>
  
[[kind: ServiceAccount]]
+
== Commands ==
 +
* <code>[[kubectl get serviceaccounts]], [[kubectl get sa]]</code>
 +
** <code>[[kubectl get sa -n kube-system]]</code>
 +
* <code>[[kubectl create serviceaccount]], [[kubectl create sa]]</code>
 +
* <code>[[kubectl describe sa]]</code>
  
  
 
[[Helm v2]] (deprecated)
 
[[Helm v2]] (deprecated)
[[helm init]] --stable-repo-url=https://charts.helm.sh/stable --service-account [[tiller]] --tiller-image ghcr.io/helm/tiller:v2.16.1
+
* <code>[[helm init]] --stable-repo-url=https://charts.helm.sh/stable --service-account [[tiller]] --tiller-image ghcr.io/helm/tiller:v2.16.1</code>
  
[[kubernetes.io/service-account-token]]
+
== Errors ==
 +
* <code>Error creating: pods "your_pod" [[is forbidden]]: [[error looking up service account]] default/your_service_account: serviceaccount "your_service_account" [[not found]]</code>
 +
* {{impersonator}}
  
 
== Related ==
 
== Related ==
 +
* [[Terraform Kubernetes resource: kubernetes_service_account]]
 
* [[Google Cloud Service account]]
 
* [[Google Cloud Service account]]
 
* [[Helm]]: <code>[[My-first-chart/templates/serviceaccount.yaml]]</code>
 
* [[Helm]]: <code>[[My-first-chart/templates/serviceaccount.yaml]]</code>
 +
* [[Kubernetes roles]]
 +
* [[Token]]: <code>[[aws eks get-token]]</code>
 +
* [[Serviceaccounts controller]]
 +
* [[BoundServiceAccountTokenVolume]]
 +
* <code>[[system:]]</code>
 +
* [[ServiceAccount admission controller]]: <code>[[/var/run/secrets/kubernetes.io/serviceaccount]]</code>
 +
* <code>[[default]]</code>
 +
* [[kubectl describe clusterrolebindings]]
 +
* [[Kubernetes users]], [[Kubernetes groups]]
 +
 +
== Activities ==
 +
* Read AWS documentation: https://docs.aws.amazon.com/eks/latest/userguide/service-accounts.html
 +
* [[Configuring Pods to use a Kubernetes service account]]
  
 
== See also ==
 
== See also ==
* {{K8s}}
+
* {{Kubernetes service account}}
 +
* {{Kubernetes Authentication}}
 +
* {{Kubernetes RBAC}}
 +
* {{Kubernetes users}}
  
 
[[Category:K8s]]
 
[[Category:K8s]]

Latest revision as of 14:40, 31 October 2023

system:serviceaccount: (singular) is the prefix for service account usernames.
system:serviceaccounts: (plural) is the prefix for service account groups.

Commands[edit]


Helm v2 (deprecated)

Errors[edit]

Related[edit]

Activities[edit]

See also[edit]

Advertising: