Resource Type: kubernetes_service_account

Defined in:

lib/puppet/type/kubernetes_service_account.rb

Providers:

swagger

Overview

ServiceAccount binds together: * a name, understood by users, and perhaps by peripheral systems, for an identity * a principal that can be authenticated and authorized * a set of secrets

Properties

• automount_service_account_token

  AutomountServiceAccountToken indicates whether pods running as this service account should have an API token automatically mounted. Can be overridden at the pod level.

• ensure (defaults to: present)

  The basic property that the resource should be in.

  Supported values:

  • present
  • absent
• image_pull_secrets

  ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet. More info: kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod

• metadata

  Standard object’s metadata. More info: git.k8s.io/community/contributors/devel/api-conventions.md#metadata

• secrets

  Secrets is the list of secrets allowed to be used by pods running using this ServiceAccount. More info: kubernetes.io/docs/concepts/configuration/secret

Parameters

• name (namevar)

  Name of the service_account.

• provider

  The specific backend to use for this ‘kubernetes_service_account` resource. You will seldom need to specify this — Puppet will usually discover the appropriate provider for your platform.