Orchestra for Kubernetes

Kubernetes Authentication, Authorization, and Automation

Login and SSO for Kubernetes from Okta,
Active Directory, OIDC, SAML2, and GitHub

Authenticate to Kubernetes through Tremolo Security's Orchestra Portal

Authentication

Key Features

Direct Login to Kubernetes kubectl and the Dashboard
Ability to proxy groups into Kubernetes for easier RBAC access
Management of .kube/config and certificate trusts without having to manually import certificates
Short token sessions – 1 minute
Ability to revoke individual sessions
No database needed, all sessions and objects stored as Custom Resources
Orchestra Login for Kubernetes - SAML2

Automate your infrastructure

Namespace as a Service

Additional Features

Self service access requests to namespaces, no need for admins to add users to role bindings
Self service creation of namespaces, no need for admins to create them manually
Reporting on who approved access for which permission

Compliance reports such as change logs and dormant accounts
Requires a MySQL or MariaDB database for “fastest” deployment
Other DBs supported as well – Postgres, SQL Server, Oracle, etc.