Looking for a simple authentication setup for my clusters

I’m looking for a simple authentication setup for my clusters. Our user store is AD so LDAP is used a lot. We also have an SAML IdP. The users need to be able to get their own kubeconfig. I really don’t want to have to install a bunch of other apps to make this work. It seems like this should be a simple thing that exists already and maybe I’m missing it.

Users should be able to generate their token after authenticating by LDAP, we had this on our previous distro.
I will try to look what utility was used… please wait…

Try this:
https://github.com/int128/kubelogin

https://pinniped.dev/docs/howto/supervisor/configure-supervisor-with-activedirectory/. we used this at my last job, but with Okta (this link is for AD)

I’m also going to implement this at my current job, unless I find something better when I get to that ticket :slightly_smiling_face:. In the meantime I’ve just been doing the aws cli locally to update kube config: aws eks update-kubeconfig --name example --profile <some profile> & I’ve been sharing the kube config with the developers