Enables seamless access via single sign-on (SSO) and role-based access control (RBAC) to kubectl, providing a high level of security. Avoid the operational and user productivity issues with SSH, Bastion, VPNs, or namespace access control. Instantly revoke user access to the fleet of clusters. Automatically implement and enforce read-only access for non-privileged users, i.e., access limited to kubectl commands such as “get,” “describe,” “logs.” Provide contractors temporary access, for example, with access terminating automatically after a specified time window. Harden user access by requiring strong authentication via MFA (TOTP, U2F, etc.) for kubectl access to pods.
Read more here: Source link