Orchestra for Kubernetes

Kubernetes Authentication, Authorization, and Automation

Authenticate to Kubernetes through Tremolo Security's Orchestra Portal


Key Features

Direct Login to Kubernetes kubectl and the Dashboard
Ability to proxy groups into Kubernetes for easier RBAC access
Management of .kube/config and certificate trusts without having to manually import certificates
Short token sessions – 1 minute
Ability to revoke individual sessions
No database needed, all sessions and objects stored as Custom Resources

Orchestra Login for Kubernetes - SAML2

Orchestra Login for Kubernetes - SAML2

Three Versions of the Automation Portal Available on GitHub

Authorization & Automation

Additional Features

Self service access requests to namespaces, no need for admins to add users to role bindings
Self service creation of namespaces, no need for admins to create them manually
Reporting on who approved access for which permission

Compliance reports such as change logs and dormant accounts
Requires a MySQL or MariaDB database for “fastest” deployment
Other DBs supported as well – Postgres, SQL Server, Oracle, etc.