A Service Account in Kubernetes is used to authenticate Pods and provide them with permissions to access the API server securely. Each Pod runs under a Service Account, which can be assigned specific RBAC (Role-Based Access Control) permissions.
Why Use Service Accounts?
Secure API Access → Provides authentication for Pods to access the Kubernetes API.
Fine-Grained Permissions → Grants only necessary permissions using RBAC.
This creates a Service Account named my-service-account in the default namespace.
Assigning a Service Account to a Pod
The my-service-account is assigned to the Pod, enabling it to authenticate with Kubernetes APIs.
Granting Permissions Using RBAC
By default, a Service Account has no permissions. You must create a Role or ClusterRole and bind it.
Example: Role & RoleBinding (Namespace-Specific Permissions)
This allows my-service-account to list and get Pods in the default namespace.
Using Service Account with a Deployment
Every Pod in this Deployment will use my-service-account for API access.
In My Previous Role
As a Senior DevOps Engineer, I used Service Accounts to:
Restrict access to Kubernetes resources by assigning minimal privileges.
Authenticate applications securely when integrating with AWS IAM roles for EKS using service account annotations.
Implement Least Privilege Principle using RBAC policies for security-critical workloads.
This improved security, minimized risks, and ensured safe API interactions in Kubernetes clusters. 🚀
🚀 Ready to Master Kubernetes?
Take your Kubernetes journey to the next level with the Master Kubernetes: Zero to Hero course! 🌟 Whether you’re a beginner or aiming to sharpen your skills, this hands-on course covers:
✅ Kubernetes Basics — Grasp essential concepts like nodes, pods, and services.
✅ Advanced Scaling — Learn HPA, VPA, and resource optimization.
✅ Monitoring Tools — Master Prometheus, Grafana, and AlertManager.
✅ Real-World Scenarios — Build production-ready Kubernetes setups.
🔥 Flash Sale: Buy Kubernetes Course, Get Terraform FREE! Limited Time Offer!
