K
Q

Get serviceaccount info according to its corresponding token in kubernetes?

12/13/2018

In kubernetes, every serviceaccount has a corresponding secret which hold a token.How can I get the serviceaccount' Info(ex. name and namespace) through the token?

-- zhixin.cao
kubernetes
token

Similar Questions

Corrupt jar in minikube
running 2 pods vs 1 larger pod on Kubernetes?
Getting no module named pandas error in airflow even after pandas getting successfully installed
Is there a way to get the Kubernetes version using Prometheus API?

1 Answer

12/13/2018

The SA secret token is based on JWT you can use for example: https://www.jsonwebtoken.io/ to get a json containing the information of the token as follow:

{
 "iss": "kubernetes/serviceaccount",
 "kubernetes.io/serviceaccount/namespace": "**<your_namespace>**",
 "kubernetes.io/serviceaccount/secret.name": "**<your_sa_name>-token-xxxxx**",
 "kubernetes.io/serviceaccount/service-account.name": "**<your_sa_name>**",
 "kubernetes.io/serviceaccount/service-account.uid": "**<your_sa_uid>**",
 "sub": "system:serviceaccount:<your_namespace>:**<your_sa_name>**",
 "jti": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
 "iat": 9999999999,
 "exp": 9999999999
}

Hope this helps

-- hkhelil
Source: StackOverflow