- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 32 for token3 (0.08 sec)
-
CHANGELOG/CHANGELOG-1.29.md
- `alpha` support (guarded by the `ServiceAccountTokenJTI` feature gate) for adding a `jti` (JWT ID) claim to service account tokens it issues, adding an `authentication.kubernetes.io/credential-id` audit annotation in audit logs when the tokens are issued, and `authentication.kubernetes.io/credential-id` entry in the extra user info when the token is used to authenticate.
Registered: Fri Nov 01 09:05:11 UTC 2024 - Last Modified: Wed Oct 23 04:37:31 UTC 2024 - 375.1K bytes - Viewed (1) -
common-protos/k8s.io/api/core/v1/generated.proto
// token, and otherwise should reject the token. The audience defaults to the // identifier of the apiserver. // +optional optional string audience = 1; // expirationSeconds is the requested duration of validity of the service // account token. As the token approaches expiration, the kubelet volume // plugin will proactively rotate the service account token. The kubelet will
Registered: Wed Nov 06 22:53:10 UTC 2024 - Last Modified: Mon Mar 11 18:43:24 UTC 2024 - 255.8K bytes - Viewed (0) -
CHANGELOG/CHANGELOG-1.8.md
- The default Bootstrap Token created with `kubeadm init` v1.8 expires and is deleted after 24 hours by default to limit the exposure of the valuable credential. You can create a new Bootstrap Token with `kubeadm token create` or make the default token permanently valid by specifying `--token-ttl 0` to `kubeadm init`. The default token can later be deleted with `kubeadm token delete`.
Registered: Fri Nov 01 09:05:11 UTC 2024 - Last Modified: Tue Feb 20 15:45:02 UTC 2024 - 312.2K bytes - Viewed (0) -
CHANGELOG/CHANGELOG-1.21.md
- This changes the tokens provided to containers at `/var/run/secrets/kubernetes.io/serviceaccount/token` to be time-limited, auto-refreshed, and invalidated when the containing pod is deleted. - Clients should reload the token from disk periodically (once per minute is recommended) to ensure they continue to use a valid token. `k8s.io/client-go` version v11.0.0+ and v0.15.0+ reload tokens automatically.
Registered: Fri Nov 01 09:05:11 UTC 2024 - Last Modified: Fri Oct 14 07:03:14 UTC 2022 - 367.3K bytes - Viewed (0) -
CHANGELOG/CHANGELOG-1.6.md
* **[alpha]** New Bootstrap Token authentication and management method. Works well with kubeadm. kubeadm now supports managing tokens, including time based expiration, after the cluster is launched. See [kubeadm reference docs](https://kubernetes.io/docs/admin/kubeadm/#manage-tokens) for details.
Registered: Fri Nov 01 09:05:11 UTC 2024 - Last Modified: Thu Dec 24 02:28:26 UTC 2020 - 304K bytes - Viewed (0) -
CHANGELOG/CHANGELOG-1.7.md
* `--service-account-lookup` now defaults to true, requiring the Secret API object containing the token to exist in order for a service account token to be valid. This enables service account tokens to be revoked by deleting the Secret object containing the token. ([#44071](https://github.com/kubernetes/kubernetes/pull/44071), [@liggitt](https://github.com/liggitt))
Registered: Fri Nov 01 09:05:11 UTC 2024 - Last Modified: Thu May 05 13:44:43 UTC 2022 - 308.7K bytes - Viewed (1) -
CHANGELOG/CHANGELOG-1.11.md
* kubeadm: The Token-related fields in the `MasterConfiguration` object have now been refactored. Instead of the top-level `.Token`, `.TokenTTL`, `.TokenUsages`, `.TokenGroups` fields, there is now a `BootstrapTokens` slice of `BootstrapToken` objects that support the same features under the `.Token`, `.TTL`, `.Usages`, `.Groups` fields. ([#64408](https://github.com/kubernetes/kubernetes/pull/64408), [@lu...
Registered: Fri Nov 01 09:05:11 UTC 2024 - Last Modified: Thu Feb 06 06:04:15 UTC 2020 - 328.4K bytes - Viewed (0) -
CHANGELOG/CHANGELOG-1.24.md
enabled by default. When enabled, Secret API objects containing service account tokens are no longer auto-generated for every ServiceAccount. Use the [TokenRequest](https://kubernetes.io/docs/reference/kubernetes-api/authentication-resources/token-request-v1/) API to acquire service account tokens, or if a non-expiring token is required, create a Secret API object for the token controller to populate with a service account token by following this [guide](https://kubernetes.io/docs/concepts/configurati...
Registered: Fri Nov 01 09:05:11 UTC 2024 - Last Modified: Thu Aug 24 00:02:43 UTC 2023 - 473.4K bytes - Viewed (0) -
CHANGELOG/CHANGELOG-1.17.md
- Kube-apiserver can now specify `--authentication-token-webhook-version=v1` or `--authorization-webhook-version=v1` to use `v1` TokenReview and SubjectAccessReview API objects when communicating with authentication and authorization webhooks. ([#84768](https://github.com/kubernetes/kubernetes/pull/84768), [@liggitt](https://github.com/liggitt))
Registered: Fri Nov 01 09:05:11 UTC 2024 - Last Modified: Thu Jan 28 10:44:33 UTC 2021 - 346.2K bytes - Viewed (1) -
CHANGELOG/CHANGELOG-1.18.md
- The alpha feature `ServiceAccountIssuerDiscovery` enables publishing OIDC discovery information and service account token verification keys at `/.well-known/openid-configuration` and `/openid/v1/jwks` endpoints by API servers configured to issue service account tokens. ([#80724](https://github.com/kubernetes/kubernetes/pull/80724), [@cceckman](https://github.com/cceckman)) [SIG API Machinery, Auth, Cluster Lifecycle and Testing]
Registered: Fri Nov 01 09:05:11 UTC 2024 - Last Modified: Wed Jun 16 17:18:28 UTC 2021 - 373.2K bytes - Viewed (0)