Kubernetes dashboard is a web based user interface for deploying containerized applications to a Kubernetes cluster – Deployments, Jobs, StatefulSets, DaemonSets e.t.c, and managing cluster resources while being able to troubleshoot issues that may arise. You can use the Dashboard to get an overview of applications running on your cluster.

Check our guide below on how to deploy Kubernetes dashboard:

How To Install Kubernetes Dashboard with NodePort

This guide will discuss how you can create an admin user who has access to all Kubernetes resources. The admin user can modify objects in all namespaces as well as administer any other components in a cluster.

Step 1: Create Admin service account

Let’s start by creating a Service Account manifest file. I’ll name the service account jmutai-admin.

$ vim admin-sa.yml
apiVersion: v1
kind: ServiceAccount
  name: jmutai-admin
  namespace: kube-system

Where jmutai-admin is the name of the service account to be created.

After creating a file, apply the manifest to create objects in your kubernetes cluster.

$ kubectl apply -f admin-sa.yml
serviceaccount/jmutai-admin created
clusterrolebinding.rbac.authorization.k8s.io/jmutai-admin created

Step 2: Create a Cluster Role Binding

Next is to assign the service account created a cluster role binding of cluster-admin.

$ vim admin-rbac.yml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
  name: jmutai-admin
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
  - kind: ServiceAccount
    name: jmutai-admin
    namespace: kube-system

Replace jmutai-admin with the name of the service account you created in step 1.

Apply the file.

$  kubectl apply -f admin-rbac.yml

Step 3: Obtain admin user token

You can print the generated token for a service account by using the kubectl command.

Set a variable to store the name of the service account.


Then run the command below to print the token for the admin user created.

kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep ${SA_NAME} | awk '{print $1}')


Name:         jmutai-admin-token-mm9jd
Namespace:    kube-system
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: jmutai-admin
              kubernetes.io/service-account.uid: 80fade4b-4270-11ea-9fe4-005056ba45bd

Type:  kubernetes.io/service-account-token

token:      eyJhbGciOiJSUzI1NiIsImtpZCI9IiJ9.eyJpc7MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUxOiJqa211dGFpLWFkbWluLXRva2VuLW1tOWpkIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImprbXV0YWktYWRtaW4iLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiI4MGZhZGU0Yi00MjcwLTExZWEtOWZlNC0wMDUwNTZiYTQ1YmQiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06amttdXRhaS1hZG1pbiJ9.uMC2ydeHF4jVA5tnKFbBeHRvc4NWqL920jigk2FDeduUdBuFhsNyDcscmL-pBbWHG5KKwOAEuAAeyNaknaHsDadNnbLpp4AMZTTdr22FEp-_v7MfIEQm3QWmq-c0ykpdrzUzGmk5Q3JIpfqeorDI0lZd52-DF4IVMw3VtTNp6ZMHdieQUNRnCEyfs98raCTRAotiXZQaMvmRW5s9peu5hfxM71jufg-Qzmflr9nO-dY2dOHh1WZcKhJqfNfB73GYX2TQlUlurV4Oy0-2CpUUpJ1HAjcSHzKGuSrMUAMAhRwhbZZXhwvbQ6Ei_9Vv2PkD8_Pw9c-k9x-bblFSAqyFhA
ca.crt:     1025 bytes
namespace:  11 bytes

Copy the contents in token key.

Step 4: Accessing Kubernetes Dashboard

Once the token is created, you can access your Kubernetes Dashboard with it. If using the NodePort to access dashboard service, you can obtain port allocated by issuing the command.

$ kubectl get services -n <namespace> | grep dashboard
kubernetes-dashboard   NodePort    <none>        443:32254/TCP                   414d

For me I will access the Kubernetes dashboard on any cluster machine IP address on port 32254.

access kubernetes dashboard 01

Select Token authentication type and paste your token to access the dashboard.

access kubernetes dashboard 02

Best Kubernetes mastery courses.

Step 5: Creating non admin user account

We created an admin user account which has full access to cluster resources. If you would like to grant users access with limit to the namespace, refer to our previous guide below.

Create Kubernetes Service / User Account restricted to one Namespace

More guides on Kubernetes and containers:

Top Minimal Container Operating Systems for running Kubernetes

Join new Kubernetes Worker Node to an existing Cluster

How To Deploy Metrics Server to Kubernetes Cluster

Install and Use Helm 3 on Kubernetes Cluster

Docker vs CRI-O vs Containerd

Your support is our everlasting motivation,
that cup of coffee is what keeps us going!

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online.

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee.


Please enter your comment!
Please enter your name here