A Kubernetes Service Account is an identity used by a workload running inside a cluster.
Pods use service accounts when they need to talk to the Kubernetes API or authenticate to other cluster systems.
Why it matters
Service accounts should usually have only the permissions they need.
Those permissions are commonly granted through Kubernetes RBAC.