Five Dex Alternatives for Kubernetes Authentication

• aws-iam-authenticator

  9 2,144 8.2 Go

  A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster

  

Access to Kubernetes clusters in Amazon EKS is controlled by the AWS IAM Authenticator for Kubernetes. The authenticator runs on the EKS control plane and depends on the aws-auth ConfigMap for configuration settings. Every time you use kubectl to perform actions on the EKS cluster, the AWS IAM Authenticator generates an STS token (AWS Security Token Service). Kubernetes uses the IAM authenticator service to verify the identity of users specified in this security token.

• Keycloak

  231 20,039 10.0 Java

  Open Source Identity and Access Management For Modern Applications and Services

  

With Rancher, you get simple and flexible authentication plugins. These come with pre-built user authentication integration with GitHub, LDAP, and Active Directory. The Rancher auth proxy also integrates with other external authentication backends, including Keycloak, Ping Identity, and FreeIPA. Tying Rancher into an external auth system simplifies user and group access into the Kubernetes cluster. With the flexibility of these external plugins, you’re guarded against downtimes at the authentication provider level.

• InfluxDB

  www.influxdata.com featured

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• rancher

  89 22,559 9.9 Go

  Complete container management platform

  

Rancher provides a Rancher authentication proxy that allows user authentication from a central location. With this proxy, you can set the credential for authenticating users that want to access your Kubernetes clusters. You can create, view, update, or delete users through Rancher’s UI and API.

• devspace-plugin-loft

  57 19 7.1

  Loft Plugin for DevSpace - adds commands like `devspace create space` or `devspace create vcluster` to DevSpace

  

Loft contains a Kubernetes API gateway that you can use to integrate multiple clusters into a Loft instance. Loft’s multi-tenancy feature also enables the API gateway to work as a single contact point for incoming API requests. The gateway handles Loft-specific commands and sends generic API calls to Kubernetes interfaces in the background.

• kubernetes

  663 107,048 10.0 Go

  Production-Grade Container Scheduling and Management

  

Authentication helps control access to cluster resources by first verifying a user’s identity. In Kubernetes, the API server needs to verify the identity of every request it receives. Such requests may come from a program like a pod or from a human user. Since Kubernetes lacks a built-in feature for authenticating users, you’ll need to rely on auth providers for this service. Fortunately, the container orchestration platform accommodates a variety of authentication providers.

• dex

  37 9,064 9.4 Go

  OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors

  

Among the options for auth providers is Dex, which relies on OpenID Connect to enable authentication for other applications. It’s a popular choice because it comes with connectors to allow user authentication against other third-party identity providers. Dex supports protocols such as Lightweight Directory Access Protocol (LDAP) and Security Assertion Markup Language (SAML) as well as platforms such as GitLab, Active Directory, and GitHub.

Suggest a related project