Kubernetes Tips : How Service Account operates
One common query that frequently arises, particularly in DevOps settings, is whether the Kubernetes service account possesses the necessary permissions.
You may have a service account allocated to pods by your team or a platform team.
It’s crucial to understand the extent of a service account’s access for activities such as pod deletion, namespace listing, or deployment removal.
Here’s a simple method to perform this check: utilize the “kubectl auth can-i” command.
For example, if you want to determine whether the “api-service-account” in the “devops-tools” namespace can delete deployments, open your terminal and input the following command:
kubectl auth can-i delete deployments - as=system:serviceaccount:devops-tools:api-service-account
Upon pressing Enter, you will receive one of two responses:
✅ Yes -> This indicates that your service account has the necessary permissions to delete deployments.
❌ No -> This signifies that the permissions are lacking.
Looking for more tips like this?
Check Out DevOps Tips in :
Website : https://devopstreet.com