Service accounts

WebLogic Server Kubernetes Operator ServiceAccounts

When the operator is installed, the Helm chart property, serviceAccount, can be specified where the value contains the name of the Kubernetes ServiceAccount in the namespace in which the operator will be installed. For more information about the Helm chart, see the Operator Helm configuration values.

The operator will use this ServiceAccount when calling the Kubernetes API server and the appropriate access controls will be created for this ServiceAccount by the operator’s Helm chart.

For more information about access controls, see RBAC.

If the operator’s service account cannot have the privileges to access the cluster-level resources, such as CustomResourceDefinitions, Namespaces and PersistentVolumes, consider using a dedicated namespace for each operator and the domains that the operator manages. See the dedicated setting in Operator Helm configuration values.

In order to display the ServiceAccount used by the operator, where the operator was installed using the Helm release name weblogic-operator, look for the serviceAccount value using the Helm command:

$ helm get values --all weblogic-operator

Additional reading