- Hands-On Microservices with Kubernetes
- Gigi Sayfan
- 105字
- 2021-06-24 13:46:33
Service accounts
Service accounts provide identity to your microservices. Each service account will have certain privileges and access rights associated with its account. Service accounts are pretty simple:
apiVersion: v1
kind: ServiceAccount
metadata:
name: custom-service-account
You can associate service accounts with a pod (for example, in the pod spec of a deployment) and the microservices that run inside the pod will have that identity and all the privileges and restrictions associated with that account. If you don't assign a service account, then the pod will get the default service account of its namespace. Each service account is associated with a secret used to authenticate it.