apiVersion: v1
kind: ServiceAccount
metadata:
name: vrealize-k8s01
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: vrealize-k8s01
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: vrealize-k8s01
namespace: kube-system
Save and close the file (named rbac-svcacct-vrealize.yaml for this example).
kubectl describe sa vrealize-k8s01 -n kube-system
Note: You will see output similar to the following:
Name: vrealize-k8s01
Namespace: kube-system
Labels: <none>
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1","kind":"ServiceAccount","metadata":{"annotations":{},"name":"vrealize -k8s01","namespace":"kube-system"}}
Image pull secrets: <none>
Mountable secrets: vrealize-k8s01-token-r94k4
Tokens: vrealize-k8s01-token-r94k4
Events: <none>
kubectl describe secret vrealize-k8s01-token-r94k4 -n kube-system
Note: You will see output similar to the following:
Name: vrealize-k8s01
Namespace: kube-system
Labels: <none>
Annotations: kubectl.kubernetes.io/last-applied-configuration:
{"apiVersion":"v1","kind":"ServiceAccount","metadata":{"annotations":{},"name":"vrealize -k8s01","namespace":"kube-system"}}
Image pull secrets: <none>
Mountable secrets: vrealize-k8s01-token-r94k4
Tokens: vrealize-k8s01-token-r94k4
Events: <none>
ubuntu@cli-vm:~$ kubectl -n kube-system describe secrets vrealize-k8s01-token-r94k4
Name: vrealize-k8s01-token-r94k4
Namespace: kube-system
Labels: <none>
Annotations: kubernetes.io/service-account.name: vrealize-k8s01
kubernetes.io/service-account.uid: d3e78716-f027-11e9-8352-005056a54672
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1094 bytes
namespace: 11 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJ2cmVhbGl6ZS1rOHMwMS10b2tlbi1yOTRrNCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJ2cmVhbGl6ZS1rOHMwMSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImQzZTc4NzE2LWYwMjctMTFlOS04MzUyLTAwNTA1NmE1NDY3MiIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTp2cmVhbGl6ZS1rOHMwMSJ9.m1TCOU9L7s36GX7LvjPsNsXausErHtgVNQJLEg1EtyMIYLp6nyVFJTmH6aA-Fk8qpLV98zuiqXeHYISp6g_cFZEd50_uCmIWtEznSnXBAfeJ5YpnOL3thTPYqTmpe_s5n2gyy3wYqc0P3CCl2YNn-cVTxyCoUuLtiEpvIEpExwe2k8Jw6TW8jjmiFJxDpv3yS4ZBJL2IW0Elpue9JiCkigNaxxipuDuEjG0oRrKeTrs4grPMTCOTtTbDaR9LdC8d9q14eSIoWlRAOCpPLzlh43veKjS57amI5o4PCa2AGEIxJVRuQhMgQLa6AFMd3B1EZaCbCOu9NfQDdkMTC2V3mw