π©βπ TIL About kubectl create token
When I’m developing tools that need to talk to kubernetes API, but don’t really need to run in-cluster, I used to just start with my “admin” kubeconfig. Which of course has far more permissions than the tool really needs. Ending up in a situation where “works on my machine”, but not in-cluster due to missing permissions in of the service account. (Yeah, I often was too lazy to get a token, even though I knew better).
Since many years kubectl create token $SERVICE_ACCOUNT exists, and I should have known π