OCPBUGS#9364: create bounnd SA token externally

openshift · Mar 27, 2023 · b8f974f · b8f974f
1 parent d4e32c4
commit b8f974f
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 0 deletions.
diff --git a/authentication/bound-service-account-tokens.adoc b/authentication/bound-service-account-tokens.adoc
@@ -14,9 +14,14 @@ include::modules/bound-sa-tokens-about.adoc[leveloffset=+1]
 // Configuring bound service account tokens using volume projection
 include::modules/bound-sa-tokens-configuring.adoc[leveloffset=+1]
 
+// Creating bound service account tokens outside the pod
+include::modules/bound-sa-tokens-configuring-externally.adoc[leveloffset=+1]
+
 [role="_additional-resources"]
 .Additional resources
 
 * xref:../nodes/nodes/nodes-nodes-rebooting.adoc#nodes-nodes-rebooting-gracefully_nodes-nodes-rebooting[Rebooting a node gracefully]
 
+* xref:../authentication/understanding-and-creating-service-accounts.adoc#service-accounts-managing_understanding-service-accounts[Creating service accounts]
+
 // TODO: Verify distros: openshift-enterprise,openshift-webscale,openshift-origin
diff --git a/modules/bound-sa-tokens-configuring-externally.adoc b/modules/bound-sa-tokens-configuring-externally.adoc
@@ -0,0 +1,27 @@
+// Module included in the following assemblies:
+//
+// * authentication/bound-service-account-tokens.adoc
+
+:_content-type: PROCEDURE
+[id="bound-sa-tokens-configuring-externally_{context}"]
+= Creating bound service account tokens outside the pod
+
+.Prerequisites
+
+* You have access to the cluster as a user with the `cluster-admin` role.
+* You have created a service account. This procedure assumes that the service account is named `build-robot`.
+
+.Procedure
+
+* Create the bound service account token outside the pod by running the following command:
++
+[source,terminal]
+----
+$ oc create token build-robot
+----
++
+.Example output
+[source,terminal]
+----
+eyJhbGciOiJSUzI1NiIsImtpZCI6IkY2M1N4MHRvc2xFNnFSQlA4eG9GYzVPdnN3NkhIV0tRWmFrUDRNcWx4S0kifQ.eyJhdWQiOlsiaHR0cHM6Ly9pc3N1ZXIyLnRlc3QuY29tIiwiaHR0cHM6Ly9pc3N1ZXIxLnRlc3QuY29tIiwiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjIl0sImV4cCI6MTY3OTU0MzgzMCwiaWF0IjoxNjc5NTQwMjMwLCJpc3MiOiJodHRwczovL2lzc3VlcjIudGVzdC5jb20iLCJrdWJlcm5ldGVzLmlvIjp7Im5hbWVzcGFjZSI6ImRlZmF1bHQiLCJzZXJ2aWNlYWNjb3VudCI6eyJuYW1lIjoidGVzdC1zYSIsInVpZCI6ImM3ZjA4MjkwLWIzOTUtNGM4NC04NjI4LTMzMTM1NTVhNWY1OSJ9fSwibmJmIjoxNjc5NTQwMjMwLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6ZGVmYXVsdDp0ZXN0LXNhIn0.WyAOPvh1BFMUl3LNhBCrQeaB5wSynbnCfojWuNNPSilT4YvFnKibxwREwmzHpV4LO1xOFZHSi6bXBOmG_o-m0XNDYL3FrGHd65mymiFyluztxa2lgHVxjw5reIV5ZLgNSol3Y8bJqQqmNg3rtQQWRML2kpJBXdDHNww0E5XOypmffYkfkadli8lN5QQD-MhsCbiAF8waCYs8bj6V6Y7uUKTcxee8sCjiRMVtXKjQtooERKm-CH_p57wxCljIBeM89VdaR51NJGued4hVV5lxvVrYZFu89lBEAq4oyQN_d6N1vBWGXQMyoihnt_fQjn-NfnlJWk-3NSZDIluDJAv7e-MTEk3geDrHVQKNEzDei2-Un64hSzb-n1g1M0Vn0885wQBQAePC9UlZm8YZlMNk1tq6wIUKQTMv3HPfi5HtBRqVc2eVs0EfMX4-x-PHhPCasJ6qLJWyj6DvyQ08dP4DW_TWZVGvKlmId0hzwpg59TTcLR0iCklSEJgAVEEd13Aa_M0-faD11L3MhUGxw0qxgOsPczdXUsolSISbefs7OKymzFSIkTAn9sDQ8PHMOsuyxsK8vzfrR-E0z7MAeguZ2kaIY7cZqbN6WFy0caWgx46hrKem9vCKALefElRYbCg3hcBmowBcRTOqaFHLNnHghhU1LaRpoFzH7OUarqX9SGQ
+----