
Blending Okta and AWS federated users into Kubernetes access control

Title: Blending Okta and AWS federated users into Kubernetes access control - automated, flexible and auditable

Summary: When you use a central identity provider and federated users in an AWS landscape, those users must be mapped into Kubernetes access control.

There is the(!) aws-auth ConfigMap for that, but how do you manage a central resource when your infrastructure code consists of many individual team repositories?

The open-sourced aws-auth-operator is a Kubernetes operator that reconstructs the central configuration from individual fragments, and thus allows a flexible setup for ever-changing teams. This talk gives a rough overview of the infrastructure-as-code landscape at TIER and a deep dive into the Kubernetes operator.