Service accounts exist within a namespace but can be granted permissions
across the entire cluster, just like any other user. For example:

oadm policy add-cluster-role-to-user cluster-reader
system:serviceaccount:openshift-infra:monitor-service-account



On Thu, Dec 1, 2016 at 3:02 PM, Srinivas Naga Kotaru (skotaru) <
skot...@cisco.com> wrote:

> I knew we can create a service account per project and can be used as a
> password less API work and automations activities. Can we create a service
> account at cluster level and can be used for platform operations
> (monitoring, automation, shared account for operation teams)?
>
>
>
> Intention is to have expiry free tokens.
>
>
>
> --
>
> *Srinivas Kotaru*
>
> _______________________________________________
> dev mailing list
> dev@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
>
>
_______________________________________________
dev mailing list
dev@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/dev

Reply via email to