File tree Expand file tree Collapse file tree 1 file changed +2
-1
lines changed
content/en/docs/reference/access-authn-authz Expand file tree Collapse file tree 1 file changed +2
-1
lines changed Original file line number Diff line number Diff line change @@ -98,7 +98,8 @@ each source also represents a single path within that volume. The three sources
9898
99991. A ` serviceAccountToken` source, that contains a token that the kubelet acquires from kube-apiserver.
100100 The kubelet fetches time-bound tokens using the TokenRequest API. A token served for a TokenRequest expires
101- either when the pod is deleted or after a defined lifespan (by default, that is 1 hour).
101+ either when the pod is deleted or after a defined lifespan (by default, that is 1 hour). The token
102+ will be refreshed by the kubelet prior to expiry.
102103 The token is bound to the specific Pod and has the kube-apiserver as its audience.
103104 This mechanism superseded an earlier mechanism that added a volume based on a Secret,
104105 where the Secret represented the ServiceAccount for the Pod, but did not expire.
You can’t perform that action at this time.
0 commit comments