DEV Community

JJ Asghar
JJ Asghar

Posted on • Originally published at jjasghar.github.io on

How to create a cluster-admin bearer token on Kubernetes

#sysadmin #kubernetes

Some times you need a cluster-admin bearer token. Here are the commands to createone:

NOTE : “clusteradmin-sa” can be any name, it’s good to have something-sa so you know what it is.

kubectl create sa clusteradmin-sa
kubectl create clusterrolebinding software-sa --clusterrole=cluster-admin --serviceaccount=default:software-sa
kubectl get secrets | grep software-sa
kubectl describe secret software-sa-token-<SOME-HASH>
Enter fullscreen mode Exit fullscreen mode

The following is a yaml defintion that should give you the secret that does basiclly a cluster-admin

apiVersion: v1
kind: ServiceAccount
metadata:
  name: software
  namespace: default
secrets:
- name: software-secret
---
apiVersion: v1
kind: Secret
metadata:
  name: software-secret
  annotations:
    kubernetes.io/service-account.name: software
type: kubernetes.io/service-account-token
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: software-role
rules:
- apiGroups: ["*"]
  resources: ["*"]
  verbs: ["*"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: software-role-binding
roleRef:
  kind: ClusterRole
  name: software-role
  apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
  name: software
  namespace: default
Enter fullscreen mode Exit fullscreen mode

Top comments (0)

Read next

audu97 profile image

End-to-End workflow with Azure Devops, Docker and ArgoCD

Audu Ephraim -

lulu_liu_c90f973e2f954d7f profile image

DIY Deployment of SafeLine WAF on K8s

Lulu -

adityabhuyan profile image

Understanding Docker and Kubernetes: Key Differences and Complementary Uses in Cloud Environments

Aditya Pratap Bhuyan -

iamamash profile image

DevOpsifying a Go Web Application: An End-to-End Guide

Amash Ansari -