18 June 2023
Service accounts are utilized by pods in a cluster to communicate with k8s api.
So service accounts can grant relevant access to the pods within the cluster to the k8s api.
Creating a namespace :-
kubectl create namespace yash
Creating a kubernetes service account :-
You can create service account easily using following command:-
kubectl create serviceaccount myserviceaccount
The creation of a basic service account is simple.
Create a role that will be utilzed by the service account :-
Just like the previous blogs we can create a basic role using following:-
kubectl create role myrole --resource="pod" --verb="list" --namespace="yash"
Binding the service account with the role using rolebinding :-
kubectl create rolebinding myrolebinding-sa --role="myrole" --serviceaccount="yash:myserviceaccount"
Now the use case is that you can define this serviceAccount to the pod manifest.
But who tfaq uses pod manifest, usually people use deployment manifest and there under pod spec you define this serviceAccount.
Till now I was not able to generate a deployment that can have custom serviceAccount value using –template so will explore,
Till then let us keep this till here…