From the course: Automating Kubernetes with GitOps

Unlock this course with a free trial

Join today to access over 24,700 courses taught by industry experts.

Providing operator API access

Providing operator API access

- So if you are going to use Kubernetes operators, these are applications that need access to the API and that is not going to be allowed without any preparation. So what is involved? Well, in a Kubernetes GitOps environment, we want to use operators that automatically create and update applications in Kubernetes. To do so, the operator needs permissions. And to allow Kubernetes applications to manage other Kubernetes resources. Kubernetes provides the ServiceAccount resource. Each application uses a default ServiceAccount, and this default ServiceAccount provides very limited access to the cluster. For the GitOps operator to work, the ServiceAccount needs additional permissions and to obtain these permissions, RoleBindings or ClusterRoleBindings to roles and cluster roles is needed. Before continuing, let's explore the default ServiceAccount. So kubectl get pods is showing that we have default pod. So let's do this on "defaultpod -o yaml | less". And there we go, ServiceAccount is…

Contents