Hey everyone!
I'm just starting out with Kubernetes and I've run into a challenge. I need to access two Service Account (SA) tokens within the same pod. From what I understand, the service account token projected volume is a potential solution, but I've heard it's tricky to use tokens from two different Service Accounts, even if they're in the same namespace. Any guidance would be greatly appreciated!
2 Answers
Why do you need two separate tokens? Generally, it’s not typical to require them. If you need distinct roles, one possible approach is to consider using a sidecar container to manage the second account. Alternatively, you could combine the access policies into a single token instead, which might solve your problem.
If you control the roles, you can configure one Service Account to access the token of the other and fetch it via the API. You might need to set up an entrypoint script or a sidecar container for this to work seamlessly and invisibly to your app.
I'm trying to dynamically use two different roles when I'm interacting with a third party, hence the need for two tokens.
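The approach in the second answer (one Service Account fetching the other's token via the API), as an added example that is not from any poster in this thread: an entrypoint or sidecar script that calls the TokenRequest API with the pod's own token. It assumes the pod's Service Account is bound to a Role allowing `create` on `serviceaccounts/token` with `resourceNames` limited to the second account; the Service Account name, audience and output path passed on the command line are placeholders.

```shell
#!/bin/sh
# Added example: fetch a short-lived token for a second ServiceAccount through
# the TokenRequest API, authenticating with the pod's own projected token.
# Target SA, audience and output file are caller-supplied placeholders.
set -eu

SA_DIR=/var/run/secrets/kubernetes.io/serviceaccount
API=https://kubernetes.default.svc

# URL of the token subresource for one ServiceAccount.
token_url() {  # $1 = namespace, $2 = ServiceAccount name
  printf '%s/api/v1/namespaces/%s/serviceaccounts/%s/token' "$API" "$1" "$2"
}

# TokenRequest body: bind the token to one audience and a short lifetime.
# The API server rejects expirationSeconds below 600.
token_request_body() {  # $1 = audience, $2 = lifetime in seconds
  if [ "$2" -lt 600 ]; then
    echo "expirationSeconds must be >= 600" >&2
    return 1
  fi
  printf '{"apiVersion":"authentication.k8s.io/v1","kind":"TokenRequest","spec":{"audiences":["%s"],"expirationSeconds":%s}}' "$1" "$2"
}

# Request the token and write it where the application container can read it
# (for example a shared emptyDir volume; the path is an assumption).
fetch_token() {  # $1 = target SA, $2 = audience, $3 = output file
  ns=$(cat "$SA_DIR/namespace")
  body=$(token_request_body "$2" 600)
  umask 077   # token file readable by its owner only
  # sed pulls status.token out of the JSON response; assumes no other "token" key.
  curl -sS --fail --cacert "$SA_DIR/ca.crt" \
    -H "Authorization: Bearer $(cat "$SA_DIR/token")" \
    -H 'Content-Type: application/json' \
    -X POST -d "$body" "$(token_url "$ns" "$1")" |
    sed -n 's/.*"token": *"\([^"]*\)".*/\1/p' > "$3.tmp"
  [ -s "$3.tmp" ] || { echo "no token in response" >&2; rm -f "$3.tmp"; return 1; }
  mv "$3.tmp" "$3"   # atomic replace so readers never see a partial token
}

# Runs only when invoked as: script fetch <target-sa> <audience> <out-file>
if [ "${1:-}" = "fetch" ]; then
  fetch_token "$2" "$3" "$4"
fi
```

The issued token expires after 600 seconds, so a sidecar would call `fetch_token` again on a timer shorter than that.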