service-accounts-admin.md: Explain invalidating short-lived tokens

[jplitza]

Description

The page "Managing Service Accounts" explains two types of tokens: short-lived tokens created via API and legacy/long-lived tokens created via Secrets.

The section about token deletion/invalidation however completely ignores the existence of short-lived tokens.

This PR fixes that and explains how to invalidate short-lived tokens.

Issue

Closes: #

[linux-foundation-easycla]

The committers listed above are authorized under a signed CLA.

• ✅ login: jplitza / name: Jan-Philipp Litza (0e66dba, 7b03fd4, c7c11e8)

[k8s-ci-robot]

Welcome @jplitza!

It looks like this is your first PR to kubernetes/website 🎉. Please refer to our pull request process documentation to help your PR have a smooth ride to approval.

You will be prompted by a bot to use commands during the review process. Do not be afraid to follow the prompts! It is okay to experiment. Here is the bot commands documentation.

You can also check if kubernetes/website has its own contribution guidelines.

You may want to refer to our testing guide if you run into trouble with your tests not passing.

If you are having difficulty getting your pull request seen, please follow the recommended escalation practices. Also, for tips and tricks in the contribution process you may want to read the Kubernetes contributor cheat sheet. We want to make sure your contribution gets all the attention it needs!

Thank you, and welcome to Kubernetes. 😃

[netlify]

✅ Pull request preview available for checking

Built without sensitive environment variables

Name	Link
🔨 Latest commit	c7c11e8
🔍 Latest deploy log	https://app.netlify.com/sites/kubernetes-io-main-staging/deploys/675aa6e7103de0000826b8bc
😎 Deploy Preview	https://deploy-preview-48981--kubernetes-io-main-staging.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[sftim]

Thanks

This is a nice improvement.
/sig auth security

(aside: we should move a lot of this page out of the Reference section; a separate PR could create a tutorial to learn about ServiceAccounts, based on what we already have, and the reference page could directly link to sections within that tutorial).

/lgtm

[k8s-ci-robot]

LGTM label has been added.

Git tree hash: 48487ce6678d6f014926754521b8f10c169a0edf

[sftim]

No tech review required BTW - ready for approval.

[k8s-ci-robot]

New changes are detected. LGTM label has been removed.

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please ask for approval from sftim. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• content/en/docs/OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment