From c923e3439d4f51382a67b4988e4f3ba516ee0291 Mon Sep 17 00:00:00 2001 From: jcnars Date: Sun, 15 Oct 2023 18:27:41 -0700 Subject: [PATCH] Update 04-certificate-authority.md Updating docs links --- docs/04-certificate-authority.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/04-certificate-authority.md b/docs/04-certificate-authority.md index 1510993..c695e08 100644 --- a/docs/04-certificate-authority.md +++ b/docs/04-certificate-authority.md @@ -107,7 +107,7 @@ admin.pem ### The Kubelet Client Certificates -Kubernetes uses a [special-purpose authorization mode](https://kubernetes.io/docs/admin/authorization/node/) called Node Authorizer, that specifically authorizes API requests made by [Kubelets](https://kubernetes.io/docs/concepts/overview/components/#kubelet). In order to be authorized by the Node Authorizer, Kubelets must use a credential that identifies them as being in the `system:nodes` group, with a username of `system:node:`. In this section you will create a certificate for each Kubernetes worker node that meets the Node Authorizer requirements. +Kubernetes uses a [special-purpose authorization mode](https://kubernetes.io/docs/reference/access-authn-authz/node/) called Node Authorizer, that specifically authorizes API requests made by [Kubelets](https://kubernetes.io/docs/concepts/overview/components/#kubelet). In order to be authorized by the Node Authorizer, Kubelets must use a credential that identifies them as being in the `system:nodes` group, with a username of `system:node:`. In this section you will create a certificate for each Kubernetes worker node that meets the Node Authorizer requirements. Generate a certificate and private key for each Kubernetes worker node: @@ -346,7 +346,7 @@ kubernetes.pem ## The Service Account Key Pair -The Kubernetes Controller Manager leverages a key pair to generate and sign service account tokens as described in the [managing service accounts](https://kubernetes.io/docs/admin/service-accounts-admin/) documentation. +The Kubernetes Controller Manager leverages a key pair to generate and sign service account tokens as described in the [managing service accounts](https://kubernetes.io/docs/reference/access-authn-authz/service-accounts-admin/) documentation. Generate the `service-account` certificate and private key: