Kubernetes 101 : Service Accounts

Kubernetes uses a service account to authenticate services and applications process with the API server.

The service account can be assigned to a pod for example and be
attached to role-based access control rules.

When we install kubernetesa default service account 
is created and it is used by pods that don't have a service account associated with them .

To create a service account named "sa_1" using the command line we use the below command:

We could also create a service account using a Yaml file as below:

We could check our newly created service account using the below command:

To see more details about our service accounts, including their authentication token, we could use the below command:

We could also check the authentication token - included in the kubernetes secret - that the service account uses as follows:


A secret is a kubernetes object that holds "secret" information like passwords for example. The pod has access to its secret through a mounted volume.

We could assign our service account to a pod using the below:

We could also do it using a pod's Yaml file as follows:


Leave as a comment: