identity

GCP: LDAP authentication for Anthos VMware clusters using Anthos Identity Service


Categories: Hyperscaler, Kubernetes

Anthos Identity Service allows an organization to tie into their existing Identity Provider to authenticate and authorize users into their Anthos clusters. In this article, I will show how the authentication for an Anthos on VMware cluster can be integrated into an existing Active Directory deployment, and further how a user’s AD group membership can GCP: LDAP authentication for Anthos VMware clusters using Anthos Identity Service

Kubernetes: Keycloak IAM deployed into Kubernetes cluster for OAuth2/OIDC


Categories: Authentication, Kubernetes

Keycloak is an open-source Identity and Access Management (IAM) solution that can be used to provide authentication and authorization to your enterprise applications.  One of the many protocols it supports is OAuth2/OIDC. One of the easiest ways to deploy Keycloak is directly into your Kubernetes cluster, exposed securely with an NGINX Ingress. In this article, Kubernetes: Keycloak IAM deployed into Kubernetes cluster for OAuth2/OIDC

GCP: running a container on a GKE cluster using Workload Identity


Categories: Hyperscaler

With Workload Identity enabled on a GKE cluster, your container can access Google Cloud API services (Compute Engine, Storage, etc.) using a Kubernetes Service Account (KSA). This is done by having the container run as the KSA, where the KSA has been bound to the Google Service Account (GSA).  This is the recommended way of GCP: running a container on a GKE cluster using Workload Identity

EMC OnDemand: Federated Identity Management and Silent SSO


Categories: Documentum

Identity Management for On-Premise Applications Our industry today has some very proven technologies for providing a single set of login credentials to applications installed on-premise.  Most commonly, companies use a central Identity Management system (e.g. Microsoft Active Directory/Oracle Internet Directory/IBM Tivoli), and these systems implement an LDAP interface that 3rd party applications can call to EMC OnDemand: Federated Identity Management and Silent SSO