Back to Glossary
Kubernetes

What is Service Account?

A Kubernetes identity for processes running in pods to authenticate to the API server.

A ServiceAccount provides an identity for processes running in pods. Each pod is associated with a service account (default if not specified). Service accounts can be granted RBAC permissions to interact with the Kubernetes API. In EKS, service accounts are annotated with an IAM role ARN for IRSA — giving pods AWS permissions. Avoid using the default service account with broad permissions. Always create dedicated service accounts with minimal necessary permissions.

Related Terms

RBAC (Role-Based Access Control)IRSA (IAM Roles for Service Accounts)PodIAM (Identity and Access Management)

More Kubernetes Terms

Admission Controller

A Kubernetes plugin that intercepts API requests before objects are persisted.

Auto Scaling

Automatically adjusting the number of compute resources based on demand.

ClusterIP

The default Kubernetes Service type that exposes a service on an internal cluster IP.

ConfigMap

A Kubernetes object for storing non-sensitive configuration data as key-value pairs.

Controller Manager

Kubernetes control plane component running control loops to maintain desired state.

CoreDNS

The default DNS server in Kubernetes clusters for service discovery.

Test your knowledge of Service Account and 130 other DevOps concepts

Interview PrepFull Glossary