Orachestra for Kubernetes

Kubernetes Authentication, Authorization and Automation Portal

Kubernetes Authentication

Tremolo Security’s Orchestra Login Portal

Three versions of the login portal are available on GitHub:

Each of these portals offers:

  • Direct Login to Kubernetes kubectl and the Dashboard
  • Ability to proxy groups into Kubernetes for easier RBAC access
  • Management of .kube/config and certificate trusts without having to manually import certificates
  • Short token sessions – 1 minute
  • Ability to revoke individual sessions
  • No database needed, all sessions and object stored as Custom Resources

Authorization and Automation

Tremolo Security’s Orchestra Portal

Three versions of the automation portal are available on GitHub:

In addition to the features offered by the Login Portal, these portals offers:

  • Self service access requests to namespaces, no need for admins to add users to role bindings
  • Self service creation of namespaces, no need for admins to create them manually
  • Reporting on who approved access for which permission
  • Compliance reports such as change logs and dormant accounts
  • Requires a MySQL or MariaDB database for “fastest” deployment
    • Other DBs supported as well – Postgres, SQL Server, Oracle, etc.