Serviceaccount with no secrets


I was trying to to look into a interesting problem to create a serviceaccount with no secrets access but was not successful.

I was trying below yaml (from kubernetes doc):

apiVersion: v1
kind: ServiceAccount
  name: build-robot
automountServiceAccountToken: false

I was able to see the mountable secrets portion everytime i describe the service account, even i delete secret it gets regenerated. Has sanyone come across similar issue.

Thanks in advance

anyone has faced similar problem?

Hello, @peace_around
If you will set resource quota for secrets to “0” then you won’t see mountable secrets anymore.
Without it may not be possible.
It’s already written in the k8s docs. Please have a look for point number 3.