Top 4 kubernetes-rbac Open-Source Projects
Automatically sync groups into Kubernetes RBACProject mention: Struggling to understand how Google Groups for RBAC is scalable | reddit.com/r/kubernetes | 2021-03-10
Prior to google groups being supported in any manner we made rbacsync that does analogous. It's a custom controller that takes IaC declarations for rolebindings, and maps a given google group name to them on a per namespace or cluster basis. In GKE, this worked with a user's auth token from GCP (claims were in the JWT). Id expect it to work with your OIDC integration as well.
Rapid7 | insightCloudSec | Kubernetes RBAC Power Toys - Visualize, Analyze, Generate & QueryProject mention: Compiled list of ClusterRoles for better/safer RBAC | reddit.com/r/kubernetes | 2021-09-21
I've been tasked with defining and documenting some ClusterRoles with clear permissions that should (mostly) be enough for any kind of cluster. The idea is for admins (who don't necessarily do the devops behind) to be able to understand what each CR does, to assign these CRs to users on the fly, to update a user's access as their needs change, to view a list of policy rules, who can do what etc... For this maintenance and tracking part we use rbac-manager and rbac-tool, which are excellent tools imo.
Scout APM: A developer's best friend. Try free for 14-days. Scout APM uses tracing logic that ties bottlenecks to source code so you know the exact line of code causing performance issues and can get back to building a great product faster.
Login portal for Kubernetes using Active Directory. Provides authentication and SSO for kubectl and for the dashboard.Project mention: AD user access kubernetes namespace | reddit.com/r/kubernetes | 2021-04-11
take a look at OpenUnison (my company's OSS project) - https://github.com/OpenUnison/openunison-k8s-login-activedirectory it'll let you bind your RBAC bindings to ActiveDirectory groups (or directly to a user). The trick is to use OpenID Connect to connect your cluster to AD then use your identity provider to get a JWT that has a user "claim" and groups "claim" which you can then write your RBAC ClusterRoleBinding/RoleBinding against.
Kubernetes login portal for both kubectl and the dashboard using OpenID Connect. Use groups from your assertion in RBAC policies to control access to your cluster. Supports impersonation and OpenID Connect integration with your API server.Project mention: Kubernetes Dashboard with Keycloak | reddit.com/r/kubernetes | 2021-05-24
Take a look at openunison https://github.com/OpenUnison/openunison-k8s-login-oidc (my company's oss project). Use KC as your identity provider and integrate both dashboard and kubectl.
What are some of the best open-source kubernetes-rbac projects? This list will help you:
Are you hiring? Post a new remote job listing for free.