From abc8033cfc8c58fa1dce8c01a73225562a4bb425 Mon Sep 17 00:00:00 2001 From: Felixnoo Date: Mon, 8 Nov 2021 10:02:18 +0800 Subject: [PATCH 1/2] Add EN Doc: Service Accounts Signed-off-by: Felixnoo --- .../configuration/serviceaccounts.md | 45 +++++++++++++++-- .../configuration/serviceaccounts.md | 48 +++++++++++++++++++ 2 files changed, 90 insertions(+), 3 deletions(-) create mode 100644 content/zh/docs/project-user-guide/configuration/serviceaccounts.md diff --git a/content/en/docs/project-user-guide/configuration/serviceaccounts.md b/content/en/docs/project-user-guide/configuration/serviceaccounts.md index 2e9384367..0fb9c6289 100644 --- a/content/en/docs/project-user-guide/configuration/serviceaccounts.md +++ b/content/en/docs/project-user-guide/configuration/serviceaccounts.md @@ -1,9 +1,48 @@ --- title: "Service Accounts" -keywords: 'KubeSphere, Kubernetes, ServiceAccounts' -description: 'Learn how to create Service Accounts in KubeSphere.' +keywords: 'KubeSphere, Kubernetes, Service Accounts' +description: 'Learn how to create service accounts on KubeSphere.' linkTitle: "Service Accounts" weight: 10440 --- -TBD \ No newline at end of file +A [service account](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) provides an identity for processes that run in a Pod. When accessing a cluster, a user is authenticated by the API server as a particular user account. Processes in containers inside Pods are authenticated as a particular service account when these processes contact the API server. + +This document describes how to create service accounts on KubeSphere. + +## Prerequisites + +You need to create a workspace, a project, and a user (`project-regular`), and invite the user to the project and assign it the `operator` role. For more information, see [Create Workspaces, Projects, Users and Roles](../../../quick-start/create-workspace-and-project/). + +## Create Service Account + +### Step 1: Log in to KubeSphere + +1. Log in to the KubeSphere console as `project-regular`. Go to **Configuration** of a project and click **Service Accounts**. A service account named `default` is displayed on the **Service Accounts** page as it is automatically created when the project is created. + + {{< notice note >}} + + If no service account is specified when creating workloads in a project, the service account `default` in the same project is automatically assigned. + + {{}} + +2. Click **Create**. + +### Step 2: Set a Service Account + +1. In the displayed dialog box, set the following parameters: + - **Name**: A unique identifier for the service account. + - **Alias**: An alias for the service account to help you better identify the service account. + - **Description**: A brief introduction of the service account. + - **Project Role**: Select a project role from the drop-down list for the service account. Different project roles have [different permissions](../../../project-administration/role-and-member-management/#built-in-roles) in a project. +2. Click **Create** after you finish setting the parameters. The service account created is displayed on the **Service Accounts** page. + +## Service Account Details Page + +1. Click the service account created to go to its details page. +2. Click **Edit Information** to edit its basic information, or click **More** to select an operation from the drop-down menu. + - **Edit YAML**: View, update, or download the YAML file. + - **Change Role**: Change the project role of the service account. + - **Delete**: Delete the service account and return to the previous page. +3. On the **Resource Status** tab, details about the corresponding Secret and the kubeconfig of the service account are displayed. + diff --git a/content/zh/docs/project-user-guide/configuration/serviceaccounts.md b/content/zh/docs/project-user-guide/configuration/serviceaccounts.md new file mode 100644 index 000000000..0fb9c6289 --- /dev/null +++ b/content/zh/docs/project-user-guide/configuration/serviceaccounts.md @@ -0,0 +1,48 @@ +--- +title: "Service Accounts" +keywords: 'KubeSphere, Kubernetes, Service Accounts' +description: 'Learn how to create service accounts on KubeSphere.' +linkTitle: "Service Accounts" +weight: 10440 +--- + +A [service account](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) provides an identity for processes that run in a Pod. When accessing a cluster, a user is authenticated by the API server as a particular user account. Processes in containers inside Pods are authenticated as a particular service account when these processes contact the API server. + +This document describes how to create service accounts on KubeSphere. + +## Prerequisites + +You need to create a workspace, a project, and a user (`project-regular`), and invite the user to the project and assign it the `operator` role. For more information, see [Create Workspaces, Projects, Users and Roles](../../../quick-start/create-workspace-and-project/). + +## Create Service Account + +### Step 1: Log in to KubeSphere + +1. Log in to the KubeSphere console as `project-regular`. Go to **Configuration** of a project and click **Service Accounts**. A service account named `default` is displayed on the **Service Accounts** page as it is automatically created when the project is created. + + {{< notice note >}} + + If no service account is specified when creating workloads in a project, the service account `default` in the same project is automatically assigned. + + {{}} + +2. Click **Create**. + +### Step 2: Set a Service Account + +1. In the displayed dialog box, set the following parameters: + - **Name**: A unique identifier for the service account. + - **Alias**: An alias for the service account to help you better identify the service account. + - **Description**: A brief introduction of the service account. + - **Project Role**: Select a project role from the drop-down list for the service account. Different project roles have [different permissions](../../../project-administration/role-and-member-management/#built-in-roles) in a project. +2. Click **Create** after you finish setting the parameters. The service account created is displayed on the **Service Accounts** page. + +## Service Account Details Page + +1. Click the service account created to go to its details page. +2. Click **Edit Information** to edit its basic information, or click **More** to select an operation from the drop-down menu. + - **Edit YAML**: View, update, or download the YAML file. + - **Change Role**: Change the project role of the service account. + - **Delete**: Delete the service account and return to the previous page. +3. On the **Resource Status** tab, details about the corresponding Secret and the kubeconfig of the service account are displayed. + From 6aa6c0cdfb18dd7b477ab97e17bd62801c51314a Mon Sep 17 00:00:00 2001 From: Felixnoo Date: Wed, 1 Dec 2021 13:17:49 +0800 Subject: [PATCH 2/2] minor updates Signed-off-by: Felixnoo --- .../en/docs/project-user-guide/configuration/serviceaccounts.md | 2 +- .../zh/docs/project-user-guide/configuration/serviceaccounts.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/content/en/docs/project-user-guide/configuration/serviceaccounts.md b/content/en/docs/project-user-guide/configuration/serviceaccounts.md index 0fb9c6289..d05ffb2a9 100644 --- a/content/en/docs/project-user-guide/configuration/serviceaccounts.md +++ b/content/en/docs/project-user-guide/configuration/serviceaccounts.md @@ -28,7 +28,7 @@ You need to create a workspace, a project, and a user (`project-regular`), and i 2. Click **Create**. -### Step 2: Set a Service Account +### Step 2: Set a service account 1. In the displayed dialog box, set the following parameters: - **Name**: A unique identifier for the service account. diff --git a/content/zh/docs/project-user-guide/configuration/serviceaccounts.md b/content/zh/docs/project-user-guide/configuration/serviceaccounts.md index 0fb9c6289..d05ffb2a9 100644 --- a/content/zh/docs/project-user-guide/configuration/serviceaccounts.md +++ b/content/zh/docs/project-user-guide/configuration/serviceaccounts.md @@ -28,7 +28,7 @@ You need to create a workspace, a project, and a user (`project-regular`), and i 2. Click **Create**. -### Step 2: Set a Service Account +### Step 2: Set a service account 1. In the displayed dialog box, set the following parameters: - **Name**: A unique identifier for the service account.