What is the GCP service account used for?
ademariag opened this issue · comments
Alessandro De Maria commented
Hi,
probably I am missing something, but what is the actual GCP service account used for?
The estafette-gke-preemptible-killer
seems to delete the nodes using a call to the kubernetes API, which is in fact whitelisted in the rbac.
If so, what do you use the service account for?
Alessandro De Maria commented
Looking at the code I realise the GCE Service Account is needed to delete the actual node, as the kubectl delete node X
only removed it from the cluster.
Thank you, closing this issue