Name: Portable, Universal Single Sign-On for Your Clusters - Miguel Martinez, Bitnami
Start: 2019-05-21T14:50:00+0200
End: 2019-05-21T15:25:00+0200

Barcelona, Spain
May 20–23, 2019
Click here for more information and registration

View Conference Venue and Sponsor Showcase Map

Back To Schedule

Portable, Universal Single Sign-On for Your Clusters - Miguel Martinez, Bitnami

Feedback form is now closed.

In order to enable Single Sign-On in your cluster you need to configure the Kubernetes API server. This is an issue if you are using services where the control plane is managed for you. Some managed services like GKE support SSO out of the box, but are not configurable. Others like AKS allow you to configure it, but only with Active Directory. These options might not fit some of your requirements such as using your company’s existing Identity provider, to use other protocols such as LDAP or SAML or when applications (e.g the Kubernetes Dashboard) need access to the API server.

In this session, I will present some workarounds that leverage other native AuthN/AuthZ mechanisms such as service accounts or impersonation via auth proxies. I will also demo how to use these methods to enable SSO for the Kubernetes dashboard that can be used across different managed and on-prem environments.

Speakers

Miguel Martinez

Senior Software Engineer, Bitnami

Miguel Martinez is a member of the engineering team at Bitnami and core contributor of the Helm and Monocular projects. He is currently working on Kubeapps, an open source application dashboard for Kubernetes. He loves Ruby, describes himself as a full stack engineer and complains... Read More →

v2 Kubecon Miguel OIDC pdf

Tuesday May 21, 2019 14:50 - 15:25 CEST
Hall 8.0 F1

Security + Identity + Policy

Skill Level Intermediate (Mid-level experience)
Link to Session Recording https://youtu.be/p5x1btmD2Yw

KubeCon + CloudNativeCon Europe 2019

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Miguel Martinez