k8stooling/oidc-broker

OIDC Broker

This tool acts as a broker that allows you to incorporate output from another OIDC provider into a newly generated token. This token can then be configured as a trusted entity for the Kubernetes API.

Description

This tool works seamlessly alongside the Tocrocon Docker component, which is also part of the k8stooling suite.

Configuration of deployment file

The following environment variables can be set as part of the Deployment:

- name: ISSUER_URL
  value: "{{OIDC_BROKER_URL}}"
- name: TENANT_ID
  value: "{{YOUR TENANT_ID}}"
- name: TOKEN_TTL
  value: "1h"

• TENANT_ID is optional and has no meaning.
• TOKEN_TTL defaults to 900s if nothing is set.

Configuration of Secrets file

The Secret in the namespace must be named oidc-broker. The key that holds the RSA signing key must be named rsa_key.
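
One way to produce that Secret without leaving the signing key group- or world-readable on disk, as an added example that is not from the oidc-broker repository. It assumes the broker reads a PEM-encoded RSA private key; the helper names, the namespace argument and the 3072-bit key size are assumptions, not values from this page.

```shell
#!/bin/sh
# Added example, not part of the oidc-broker project.
# Assumption: the rsa_key entry holds a PEM-encoded RSA private key.

# Succeeds only if the file exists and is not readable by group or others.
key_is_private() {
    [ -f "$1" ] || return 1
    [ -z "$(find "$1" \( -perm -040 -o -perm -004 \) -print)" ]
}

# Print a Secret manifest named oidc-broker with the PEM stored under rsa_key.
# $1 = key file, $2 = namespace (hypothetical parameter, defaults to "default").
render_secret() {
    key_file=$1
    namespace=${2:-default}
    key_is_private "$key_file" || {
        echo "refusing: $key_file is missing or group/world readable" >&2
        return 1
    }
    grep -q -- '-----BEGIN .*PRIVATE KEY-----' "$key_file" || {
        echo "refusing: $key_file is not a PEM private key" >&2
        return 1
    }
    cat <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: oidc-broker
  namespace: $namespace
type: Opaque
stringData:
  rsa_key: |
$(sed 's/^/    /' "$key_file")
EOF
}

# Typical use (key size is an assumption; the page does not state one):
#   (umask 077; openssl genrsa -out signing.pem 3072)
#   render_secret signing.pem my-namespace | kubectl apply -f -
#   rm -f signing.pem
```

Piping the manifest straight into kubectl keeps the private key out of any file that might be committed alongside the Deployment YAML.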

Deployment YAML-Files

(!) See also the YAML example files.

About

The OIDC Broker connects the Kubernetes API to another OIDC provider.
