Azure AKS - Create Service Account in Kubernetes
In your Azure AKS cluster, a Service Account provides an identity for all processes that run in a pod. These processes can talk to the API server only if a Service Account has been defined.
To create a service account in your Azure AKS cluster, follow these steps:
Azure AKS: Create Service Account Manifest File
To create a Service Account, you first need a YAML manifest file to deploy. Name this file service_account.yaml; its content is shown below:
Note
The parameters required to create this YAML file, ready to be deployed, are explained in the Properties section.
kind: ServiceAccount
apiVersion: v1
metadata:
  name: ncache-operator
Deploy Service Account
Once you have created a YAML file, it is ready to be deployed in your Azure AKS cluster. Run the following command in the cloud shell to set a service account for the processes inside the cluster:
kubectl create -f [dir]/service_account.yaml
You can verify that the account was created by running the get verb as follows:
kubectl get serviceaccounts
Properties
The properties required to create a service account are explained below:
Parameter | Description |
---|---|
kind | This can be many different types like a Deployment, a Service, DaemonSet, or StatefulSet. In this case, it will be a ServiceAccount. |
apiVersion | Specifies the version of the kind and it depends on the underlying version of Kubernetes. |
name | Specifies the name of the Operator you will deploy that needs access to the service account. |
After the successful execution of this command, you need to create a Role definition, the steps of which are explained in the next chapter.
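The steps above combined into one script, added here as an example rather than taken from the NCache documentation: it validates the account name, renders the same manifest, deploys it, and then checks what the new identity is allowed to do before any Role exists. The default namespace, the SA_NAME and NAMESPACE variables, the function names and the use of kubectl apply in place of kubectl create are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example: render, deploy and verify the ServiceAccount from this page.
# NAMESPACE is an assumption; the page does not name one.
SA_NAME="${SA_NAME:-ncache-operator}"
NAMESPACE="${NAMESPACE:-default}"

# Kubernetes requires ServiceAccount names to be RFC 1123 DNS subdomains.
valid_sa_name() {
  [ "${#1}" -le 253 ] && printf '%s\n' "$1" |
    grep -Eq '^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$'
}

# Print the manifest; refuse names the API server would reject.
render_manifest() {
  valid_sa_name "$1" || { echo "invalid ServiceAccount name: $1" >&2; return 1; }
  cat <<EOF
kind: ServiceAccount
apiVersion: v1
metadata:
  name: $1
  namespace: $2
EOF
}

# The username the API server sees for tokens issued to this account.
sa_subject() { printf 'system:serviceaccount:%s:%s\n' "$2" "$1"; }

deploy_and_verify() {
  # apply (rather than create) so that re-running the script is harmless
  render_manifest "$SA_NAME" "$NAMESPACE" | kubectl apply -f - || return 1
  kubectl get serviceaccount "$SA_NAME" -n "$NAMESPACE" \
    -o jsonpath='{.metadata.name}{"\n"}' || return 1
  # With RBAC enabled and no Role or RoleBinding yet, the expected answer
  # is "no" (kubectl exits non-zero in that case, hence "|| true").
  kubectl auth can-i list pods -n "$NAMESPACE" \
    --as="$(sa_subject "$SA_NAME" "$NAMESPACE")" || true
}

# Touch the cluster only when asked to: ./sa.sh deploy
if [ "${1:-}" = "deploy" ]; then deploy_and_verify; fi
```

Run it with the deploy argument from the cloud shell; without an argument it only defines the functions. A "yes" from the last check before any Role is bound means some existing binding already grants this account access and is worth reviewing.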
See Also
Create Role Definition in Kubernetes
Create Role Binding in Kubernetes
Create NCache Operator in Kubernetes