The admission control plugin ServiceAccount is not set
Description
Automate service accounts management. When you create a pod, if you do not specify a service account, it is automatically assigned the default service account in the same namespace. You should create your own service account and let the API server manage its security tokens.
Fix - Buildtime
Kubernetes
- Kind: Pod
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
component: kube-apiserver
tier: control-plane
name: kube-apiserver
namespace: kube-system
spec:
containers:
- command:
+ - kube-apiserver
+ - --enable-admission-plugins=ServiceAccount
image: gcr.io/google_containers/kube-apiserver-amd64:v1.6.0
...