diff --git a/pkg/userinfo/roleRef.go b/pkg/userinfo/roleRef.go
index 438ac1bd7c..6c5ebe1bd3 100644
--- a/pkg/userinfo/roleRef.go
+++ b/pkg/userinfo/roleRef.go
@@ -88,7 +88,7 @@ func getRoleRefByClusterRoleBindings(clusterroleBindings []*rbacv1.ClusterRoleBi
 // subject.kind can only be ServiceAccount, User and Group
 func matchSubjectsMap(subject rbacv1.Subject, userInfo authenticationv1.UserInfo) bool {
 	// ServiceAccount
-	if isServiceaccountUserInfo(userInfo.Username) {
+	if strings.Contains(userInfo.Username, SaPrefix) {
 		return matchServiceAccount(subject, userInfo)
 	}
 
@@ -96,13 +96,6 @@ func matchSubjectsMap(subject rbacv1.Subject, userInfo authenticationv1.UserInfo
 	return matchUserOrGroup(subject, userInfo)
 }
 
-func isServiceaccountUserInfo(username string) bool {
-	if strings.Contains(username, SaPrefix) {
-		return true
-	}
-	return false
-}
-
 // matchServiceAccount checks if userInfo sa matche the subject sa
 // serviceaccount represents as saPrefix:namespace:name in userInfo
 func matchServiceAccount(subject rbacv1.Subject, userInfo authenticationv1.UserInfo) bool {
diff --git a/pkg/userinfo/roleRef_test.go b/pkg/userinfo/roleRef_test.go
index 229e8394e4..c2aa94cae9 100644
--- a/pkg/userinfo/roleRef_test.go
+++ b/pkg/userinfo/roleRef_test.go
@@ -11,27 +11,6 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
-func Test_isServiceaccountUserInfo(t *testing.T) {
-	tests := []struct {
-		username string
-		expected bool
-	}{
-		{
-			username: "system:serviceaccount:default:saconfig",
-			expected: true,
-		},
-		{
-			username: "serviceaccount:default:saconfig",
-			expected: false,
-		},
-	}
-
-	for _, test := range tests {
-		res := isServiceaccountUserInfo(test.username)
-		assert.Assert(t, test.expected == res)
-	}
-}
-
 func Test_matchServiceAccount_subject_variants(t *testing.T) {
 	userInfo := authenticationv1.UserInfo{
 		Username: "system:serviceaccount:default:saconfig",