Member-only story
DevOps in K8s — API-Server Request Handler Chain, Impersonation
Note, full “DevOps in K8s” mind map is available at: “DevOps in K8s Mind Map”
API Server Request Handler Chain
Below is a diagram of the API server handler chain:
In this article, we will focus on the “impersonation”.
What is Impersonation
In K8s, impersonation refers to the ability to perform API operations on behalf of another user or entity. It allows a user or service account to act with the privileges of another user or service account, without needing to authenticate as that user or service account.
Impersonation is supported by the K8s API server, which provides an impersonation API that allows authorized users to assume the identity of another user or service account when accessing the K8s API. This API is typically used by cluster administrators to troubleshoot and debug issues, or by developers to test applications with different user or service account contexts.
