-
Bug
-
Resolution: Unresolved
-
Normal
-
None
-
4.18.0
-
Moderate
-
None
-
MON Sprint 262
-
1
-
False
-
-
NA
-
Release Note Not Required
-
In Progress
Description of problem:
The alertmanager-user-workload Service Account has "automountServiceAccountToken: true"
Version-Release number of selected component (if applicable):
4.18
How reproducible:
Always
Steps to Reproduce:
1. Enable Alertmanager for user-defined monitoring. 2. oc get sa -n openshift-user-workload-monitoring alertmanager-user-workload -o yaml 3.
Actual results:
Has "automountServiceAccountToken: true"
Expected results:
Has "automountServiceAccountToken: false" or no mention of automountServiceAccountToken.
Additional info:
It is recommended to not enable token automount for service accounts in general.