Ensure that the admission control plugin ServiceAccount is set (API Server)

Automate service accounts management. When you create a pod, if you do not specify a service account, it is automatically assigned the default service account in the same namespace. You should create your own service account and let the API server manage its security tokens.