Service Accounts - Sandeep-K-Khandelwal/CKAD GitHub Wiki

• To create a service account run the command kubectl create <serviceaccount_name>
• To view the service accounts run the kubectl get serviceaccounts command. This will list all the service accounts.
• When a service account is created, it first creates the service account object and then generates a token for the service account. It then creates a secret object and stores that token inside the secret object. The secret object is then linked to the service account. To view the token, view the secret object by running the command kubectl describe secret <secret_name>.
• Use the service account in the POD definition file:

apiVersion: v1
kind: Pod
metadata:
  name: myapp-pod
spec:
  containers:
    - name: nginx-container
      image: nginx
  serviceAccount: my-service-account

• the secrets will be mounted into the POD with the above definition file