Category: Kubernetes

InCloud NativeComplianceficamicamIdentity ManagementKubernetesOpen SourceOpenShift
That’s right, except for one single use case, you shouldn’t ever use certificates for authentication to Kubernetes clusters.  Its simply not as secure as it appears, especially when OpenID Connect is available.  In this blog post we’re going to walk through a quick refresher of public key cryptography, detail why using it for authentication to…
InCloud NativeKubernetesOpen Sourcesaml2ssoUncategorizeduser provisioning
Our open source Kubernetes Identity Manager is a great way to manage your Kubernetes cluster.  It gives you an authentication portal you can use to access to your dashboard and use kubectl without messing with kube/config files as well as a way to consistently provision namespaces and manage access to those namespaces.  There are other…
InCloudCloud NativeIdentity ManagementKubernetesLinuxOpen SourceOpenShiftRed Hat
OK, sorry for the click bait style headline but for the first blog of the new year I thought I’d have some fun. I came across a blog post on twitter from @geek_king about this real nasty bug in the kernel that can give you root access to the host server, breaking out of your…
InAmazon Web ServicesCloudCloud NativeIdentity ManagementInfrastructure as a ServiceKubernetesLinuxOpen SourceOpenShiftPaaSubuntu
We’re pleased to announce the immediate availability of Unison and OpenUnison 1.0.8. This release brings new features specifically aimed at Cloud Native systems: OpenID Connect support, both as a relying party and as an identity provider Kubernetes SSO integration MongoDB Support for storing authorization data and additional attributes outside of your corporate Active Directory Identity…
InAmazon Web ServicesCloudDrupalIdentity ManagementImplementation CostsInfrastructure as a ServiceKubernetesLinuxOpen SourceOpenShift
We’re proud to be a sponsor this year of the Information Security System Association’s (ISSA) international conference.  We’ll be in booth 707 and I’ll be presenting with my colleagues about the US National Capital Region’s Identity and Access Management Program (IAMS) at Secure User Application Access in a Hurry on Thursday November third at 11:30 am…
InCloudIdentity ManagementKubernetesOpen SourceUncategorized
Couldn’t make DevFestDC?  Want to learn about how you can deploy Kubernetes in an identity aware way?  The session recording hasn’t been published yet, but here’s a screen cast of the talk and the demo.  We figured this would be easier to watch then me standing in front of a room. Kubernetes Identity Management at…
InCloudIdentity ManagementKubernetesOpen SourceUncategorized
In our last episode we talked about the new SSO features in Kubernetes 1.3 and got it working.  The flip-side of the access coin from SSO is identity management.  SSO answers the question “who?”, identity management answers “what?” and should also answer “why?”.  In this episode we’re going to walk through Kubernetes’ RBAC model and…