### Enhancement Description - One-line enhancement description (can be used as a release note): Bound service account token improvements - Kubernetes Enhancement Proposal: https://github.com/kubernetes/enhancements/blob/master/keps/sig-auth/4193-bound-service-account-token-improvements/ - Discussion Link: Discussion Link: [2023-08-16](https://youtu.be/RID_qxdhCgU?si=C8m5S-RFICzhu_9B&t=2683) [2023-08-02](https://youtu.be/I-EqDSFwiIk?si=6SamXAQBw6kLfv0Y&t=3227) - Primary contact (assignee): @enj - Responsible SIGs: Auth - Enhancement target (which target equals to which milestone): - Alpha release target (x.y): v1.29 - Beta release target (x.y): v1.30, v1.31 - Stable release target (x.y): v1.32 (ServiceAccountTokenJTI, ServiceAccountTokenNodeBindingValidation, ServiceAccountTokenPodNodeInfo) - Stable release target (x.y): v1.33 (ServiceAccountTokenNodeBinding) - [x] Alpha - [x] KEP (`k/enhancements`) update PR(s): #4141 - [x] Code (`k/k`) update PR(s): https://github.com/kubernetes/kubernetes/pull/120780 - [x] Docs (`k/website`) update PR(s): https://github.com/kubernetes/website/pull/43958 - [x] Beta - [x] KEP (`k/enhancements`) update PR(s): - [x] https://github.com/kubernetes/enhancements/pull/4470 - [x] https://github.com/kubernetes/enhancements/pull/4498 - [x] https://github.com/kubernetes/enhancements/pull/4724 - [x] https://github.com/kubernetes/enhancements/pull/4675 - [x] Code (`k/k`) update PR(s): - [x] https://github.com/kubernetes/kubernetes/pull/123135 - [x] https://github.com/kubernetes/kubernetes/pull/123098 - [x] https://github.com/kubernetes/kubernetes/pull/125238 - [x] Docs (`k/website`) update(s): - [x] https://github.com/kubernetes/website/pull/45292 - [x] https://github.com/kubernetes/website/pull/47283 - [x] Stable - [x] KEP (`k/enhancements`) update PR(s): https://github.com/kubernetes/enhancements/pull/4892 - [x] Code (`k/k`) update PR(s): https://github.com/kubernetes/kubernetes/pull/128169 - [x] Docs (`k/website`) update(s): https://github.com/kubernetes/website/pull/48495 - [x] Stable ServiceAccountTokenNodeBinding - [x] KEP update: https://github.com/kubernetes/enhancements/pull/5036 - [x] Code update: https://github.com/kubernetes/kubernetes/pull/129591 - [ ] Doc update: https://github.com/kubernetes/website/pull/49413
Enhancement Description
One-line enhancement description (can be used as a release note): Bound service account token improvements
Kubernetes Enhancement Proposal: https://github.com/kubernetes/enhancements/blob/master/keps/sig-auth/4193-bound-service-account-token-improvements/
Discussion Link: Discussion Link: 2023-08-16 2023-08-02
Primary contact (assignee): @enj
Responsible SIGs: Auth
Enhancement target (which target equals to which milestone):
Alpha
k/enhancements) update PR(s): KEP-4193: bound service account token improvements #4141k/k) update PR(s): Including JTI & node reference in issued service account tokens (kep 4193) kubernetes#120780k/website) update PR(s): KEP-4193: bound service account token improvements website#43958Beta
k/enhancements) update PR(s):k/k) update PR(s):k/website) update(s):Stable
k/enhancements) update PR(s): KEP-4193: stable updates for 1.32 #4892k/k) update PR(s): KEP-4193: Promote ServiceAccountTokenJTI, ServiceAccountTokenPodNodeInfo, ServiceAccountTokenNodeBindingValidation to stable kubernetes#128169k/website) update(s): KEP-4193: Update ServiceAccount admin docs with additional info on bound tokens website#48495Stable ServiceAccountTokenNodeBinding