Are there guidelines for when it is and isn’t wise to use the default service account in a namespace?
… the infamous
defaultservice accounts, which you shouldn’t be using …
Yet I have found no other articles or documentation warning against the use of the default service account in namespaces. (In contrast to using the default namespace and its service account, which clearly is not a good choice).
Given that a namespace’s default service account is unique to that namespace, what are the risks associated with using the default service account?
We are inclined to use the default service account in cases where a namespace has only one or a few pods that are closely related and we don’t anticipate using multiple service accounts. In cases where multiple service accounts are expected within a namespace, we would not use the default service account (it would be awkward to use the default account + other custom named accounts, but workable)