mirror of
https://github.com/gravitational/teleport
synced 2024-10-21 17:53:28 +00:00
de9f9b9ce9
This script is similar to `examples/gke-auth/get-kubeconfig.sh` but should work for any k8s setup. It uses a service account bearer token for authentication instead of TLS key/cert. These tokens shouldn't expire and are more appropriate for automation. It also fetches the CA cert from the service account secret, which is more reliable than assuming a `kube-dns` pod exists in the cluster. In addition, this script sets up the needed k8s RBAC objects for impersonation, saving the user a few extra steps. |
||
---|---|---|
.. | ||
get-kubeconfig.sh |