Kubernetes authentication, authorization, and Namespace as a Service
Start automating access to your cluster:
OpenUnison takes the work and wait out of securing Kubernetes, and adds a layer of security to everything inside your cluster.
No need to add new hardware. Just a few clicks, and OpenUnison and Orchestra are ready to go
Skip setting up separate applications to get authentication working with Kubernetes, and just enable it in OpenUnison instead
Short-lived tokens and quick one-click session revocation keep unwanted hands out of the cookie jar
Eliminate tedious, time-consuming command line tasks and authorize users in seconds from the dashboard.
Create your own groups and namespaces without waiting for anyone's approval.
OpenUnison and Orchestra take the work and wait out of securing Kubernetes.
Skip hundreds of tedious, time-consuming tasks manually executed through the command line, and authorize users in seconds from the dashboard.
No additional databases, servers, or applications needed - just a few clicks in the dashboard, and OpenUnison and Orchestra are ready to go.
Skip setting up separate applications to get authentication working with Kubernetes, and just enable it in OpenUnison instead.
Create your own groups and namespaces that work with the identity data you already have access to, without waiting around for someone else’s approval.
Keep unwelcome hands out of the cookie jar with short-lived tokens and quick one-click session revocation from right within the dashboard.
TBD
TBD
TBD
The Orchestra Login Portal is built on OpenUnison and supports all the above listed goals. Orchestra deploys in minutes with no 3rd party database needed. Orchestra uses Kubernetes Custom Resources to store all session and user data and individual sessions are easily revoked by deleting objects via kubectl. Finally, Orchestra provides easy integration with both kubectl and the dashboard by creating a single entry point for both.