Is there a way we can restrict a pod not to use a particualr service account, we give all the access to a service account and any pods running in the namespace can simply pretend themselves as using that service account. so even if we give control w.r.t service account level, any deployment can use the service account in the same namespace and get all the access. How can we solve this.?
Related topics
Topic | Replies | Views | Activity | |
---|---|---|---|---|
Does restricting the access based on service account is really secured | 5 | 1794 | November 13, 2019 | |
Restrict specific service account in a namespace | 1 | 1921 | February 24, 2021 | |
Restricting secret mounting for pods | 1 | 766 | November 27, 2023 | |
RBAC for K8s secrets limited to certain pods in same namespace | 2 | 1031 | August 15, 2020 | |
Can we use different service account in a pod | 1 | 257 | May 10, 2024 |