Jordan

That helps. Thanks for quick help.

Can we use this sa account to login into console and OC clinet? If yes how? I 
knew SA account only has non expired token but no password


--
Srinivas Kotaru

From: Jordan Liggitt <jligg...@redhat.com>
Date: Thursday, December 1, 2016 at 12:04 PM
To: Srinivas Naga Kotaru <skot...@cisco.com>
Cc: dev <dev@lists.openshift.redhat.com>
Subject: Re: cluster wide service acount

Service accounts exist within a namespace but can be granted permissions across 
the entire cluster, just like any other user. For example:
oadm policy add-cluster-role-to-user cluster-reader 
system:serviceaccount:openshift-infra:monitor-service-account


On Thu, Dec 1, 2016 at 3:02 PM, Srinivas Naga Kotaru (skotaru) 
<skot...@cisco.com<mailto:skot...@cisco.com>> wrote:
I knew we can create a service account per project and can be used as a 
password less API work and automations activities. Can we create a service 
account at cluster level and can be used for platform operations (monitoring, 
automation, shared account for operation teams)?

Intention is to have expiry free tokens.

--
Srinivas Kotaru

_______________________________________________
dev mailing list
dev@lists.openshift.redhat.com<mailto:dev@lists.openshift.redhat.com>
http://lists.openshift.redhat.com/openshiftmm/listinfo/dev

_______________________________________________
dev mailing list
dev@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/dev

Reply via email to