Skip to content
This repository has been archived by the owner on Sep 21, 2023. It is now read-only.

Custom Service Account for vault pods #324

Open
wants to merge 2 commits into
base: master
Choose a base branch
from

Conversation

rblaine95
Copy link

@rblaine95 rblaine95 commented Jun 8, 2018

  • Fixes Issue: Custom service account #313

  • Added Service Account Name to pkg/apis/vault/v1alpha1/types.go VaultServiceSpec to resolve serviceAccountName:{val}.

  • Added ServiceAccountName field to pkg/util/k8sutil/vault.go to allow the vault pods to use a custom, user specified, service account other than default.

@rblaine95 rblaine95 changed the title #313: Custom Service Account Custom Service Account for vault pods Jul 3, 2018
@rblaine95
Copy link
Author

The purpose of this is so that vault (which requires the nonroot SCC and the ipc_lock capability) can be deployed using a custom service account so that you don't have to give the default service account any privileges other than the restricted SCC.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant