0

I read in documentation of K8S https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-issuer-discovery

But i can't find in documentation and online when K8S rotates the key? Each day/week/month/other time? And how to configure it.

Any idea?

jps
  • 20,041
  • 15
  • 75
  • 79
tamirz12345
  • 47
  • 2
  • 8

1 Answers1

1

The official document assumed you have solid OIDC know-how. Here's a good start with example to follow: https://banzaicloud.com/blog/kubernetes-oidc/

gohm'c
  • 13,492
  • 1
  • 9
  • 16
  • In short it means that if i don't do nothing on my K8S cluster the result of /openid/v1/jwks Will be the same and it won't change the key for the token automatically ? – tamirz12345 Dec 14 '21 at 13:48
  • That's the default behavior. See other possibilities [here](https://github.com/kubernetes/kubernetes/issues/20165#issuecomment-950939312). – gohm'c Dec 14 '21 at 16:17