Hello everyone, please what does it mean to create a service account that does n . . .

Lanre David:
Hello everyone, please what does it mean to create a service account that does not have access to any secrets???

Fernando Jordan Silva:
It means that when you use that service account in your pod, your pod cannot access to any secret

Lanre David:
Thanks @Fernando Jordan Silva, if i want to create such SA that does not have access to any secret, do I have to do anything extra than doing “kubectl create sa my-serviceacct”

Fernando Jordan Silva:
No, it’s more complex than that. You have to assign to that SA some roles / rolebinding to allow access to other elements but not adding secrets. Maybe you can duplicate the roles / bindings for the default SA (using a yaml file) and remove the secrets entity before execute.

Lanre David:
Thanks @Fernando Jordan Silva.