I have an environment with multiple ServiceAccounts, and pod with access to Kubernetes api using kubernetes python sdk. Which account does the function load_incluster_config() pick up. Is there any way I can specify an account to be picked? I have seen my pod to always pick the "default" named ServiceAccount.
As per the code here it picks up the token from /var/run/secrets/kubernetes.io/serviceaccount/token path inside the pod. So what you need to do is just have a different service account in the pod spec
apiVersion: v1
kind: Pod
metadata:
name: my-pod
spec:
serviceAccountName: build-robotThen it will pick up the service account build-robot. Also note you need to configure role and rolebinding for this service account.