Service Account

Especially when automating processes (CI/CD), it is common for a program to authenticate with Kubernetes directly. In this scenario, it’s impractical for authentication to have a very short validity period, and it’s important that access for such programs is restricted to the exact permissions they require.

For this kind of authentication, Kubernetes provides what are known as Service Accounts and a Role-Based Access Control (RBAC) system.

Recently, Kubernetes has deprecated and removed the feature that will automatically create a long-lived ServiceAccount token for any ServiceAccount. Now the token must be explicitly created as described here