• Kubernetes
  • Security

Kubernetes - Disable API Access from Pod

This article will be short, it shows an example of how to disable a pods access to the Kubernetes API. By setting automountServiceAccountToken: false in the template spec for a Deployment you can disable API access to Kubernetes from the container.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: core-server
spec:
  replicas: 1
  selector:
    matchLabels:
      app: core-server
  template:
    metadata:
      labels:
        app: core-server
    spec:
      automountServiceAccountToken: false
      containers:
      - name: core-server
        image: canhorn/ehz-platform-server-core:latest
Cody's logo image, it is an abstract of a black hole with a white Event Horizon.

Cody Merritt Anhorn

A Engineer with a passion for Platform Architecture and Tool Development.