Kubernetes authentication resources define the mechanisms and objects used to verify the identity of users, services, and components interacting with the cluster. These include ServiceAccounts, TokenRequests, TokenReviews, CertificateSigningRequests, ClusterTrustBundles, and SelfSubjectReviews, which collectively provide a robust and flexible authentication system for secure access control and identity verification within Kubernetes clusters.
Authentication Resources
Kubernetes Authentication Resources are components that verify the identity of users and service accounts accessing the Kubernetes API, supporting mechanisms like certificates, tokens, and external identity providers.
Resources
| Resource | Description | Templates |
|---|---|---|
| ServiceAccount | Provides an identity for pods to authenticate with the Kubernetes API. | v1 |
| TokenRequest | Issues short-lived tokens for secure authentication within the cluster. | v1 |
| TokenReview | Validates authentication tokens and retrieves associated user identity. | v1 |
| CertificateSigningReview | Manages requests for TLS certificates to secure cluster communications. | v1 |
Contributions
Permissions
Below are Configfacets Permissions overview and Kubernetes Organization structure.
Overview
A repository can be created under an Organization, Team, or User, with permissions inherited from the parent entity. An Admin role at the parent level grants admin privileges across all repositories and resources within it. In contrast, a Member role at the parent level, by default, has view access to private repositories and their resources but can be granted elevated permissions (such as Admin) for a specific repository. For more details, refer to the Configfacets Authorization documentation.
Kubernetes Organization
| Team | Description |
|---|---|
| Resources | The Kubernetes resources team will work on creating and managing configurations for Kubernetes resources, including workload resources, networking, storage and more. All resource repositories are organized under the Resources team hierarchy. |
| Maintainers | Kubernetes Maintainers team gets admin privileges all across Kubernetes organization. |
| Collaborators | Members of the Collaborators team receive Collaborator permissions, allowing them to edit resources in all repositories. |
If you'd like to contribute to the Authentication Resources repository, you can request Collaborator permission specific to this repository or join the Maintainers or Collaborators team.
Please reach out to us through our Discord community for permissions.
Releases
| Type | Description |
|---|---|
| Released | Versions in this state are finalized and cannot be modified by collaborators. They can be safely used as dependencies in repositories, ensuring stability for associated resources such as data, collections, configurations, services, and endpoints. |
| Under Development | These versions are still being actively worked on and may change without prior notice. Using them as dependencies should be done with caution, as resources within them, including configurations and services, are subject to updates. |
| Archived | Archived versions are no longer supported, and resource modifications are disabled. They cannot be newly added as dependencies, but any previously included versions will continue to function as they were.. |