Service account
Limited vCluster Tenancy Configuration Support
This feature is only available for the following:
Running the control plane as a container and the following worker node types:
- Host Nodes
- Private Nodes
Modify the vCluster control plane's ServiceAccount. You may need to do this in these situations:
- You are using a private image registry. See
defaultImageRegistryconfiguration. - You are using a Cloud provider's IAM integration, such as Google's Workload Identity and AWS's IAM roles for service accounts(IRSA).
- You need to provide AuthN or AuthZ for cloud provider image registries.
Config reference​
serviceAccount required object ​
ServiceAccount specifies options for the vCluster control plane service account.
serviceAccount required object ​enabled required boolean true ​
Enabled specifies if the service account should get deployed.
enabled required boolean true ​name required string ​
Name specifies what name to use for the service account.
name required string ​imagePullSecrets required object[] ​
ImagePullSecrets defines extra image pull secrets for the service account.
imagePullSecrets required object[] ​name required string ​
Name of the image pull secret to use.
name required string ​annotations required object {} ​
Annotations are extra annotations for this resource.
annotations required object {} ​labels required object {} ​
Labels are extra labels for this resource.
labels required object {} ​