Cloud Infrastructure Integration

Kubernetes

Connect TigerIdentity to your Kubernetes clusters for dynamic RBAC management, just-in-time access, and comprehensive audit logging.

Key Features

Multi-Cluster Support

Manage RBAC across multiple Kubernetes clusters from a single control plane.

ServiceAccount Tracking

Monitor and control Kubernetes ServiceAccounts and their token usage.

RBAC Sync

Automatically sync Roles, ClusterRoles, RoleBindings, and ClusterRoleBindings.

Dynamic RBAC

Create and revoke RoleBindings on demand based on TigerIdentity policies.

Audit Logging

Stream Kubernetes audit logs for comprehensive access visibility.

Namespace Isolation

Enforce namespace-based access policies with automatic cleanup.

How It Works

1. Connect Clusters

Provide kubeconfig files or service account tokens for cluster authentication.

2. Sync RBAC

TigerIdentity discovers all existing RBAC resources across your clusters.

3. Stream Audit Logs

Configure audit log webhooks to send Kubernetes API activity to TigerIdentity.

4. Provision Access

Dynamically create RoleBindings and ClusterRoleBindings based on policy evaluation.

Configuration Example

connector:
  type: kubernetes
  name: "k8s-production"

  config:
    clusters:
      - name: production
        kubeconfig: "${KUBECONFIG_PROD}"
        context: prod-cluster
      - name: staging
        kubeconfig: "${KUBECONFIG_STAGING}"
        context: staging-cluster

  sync:
    service_accounts: true
    roles: true
    cluster_roles: true
    role_bindings: true
    cluster_role_bindings: true

  events:
    audit_logs: true
    webhook_url: "https://api.tigeridentity.io/webhooks/k8s"

  provisioning:
    enabled: true
    namespace_prefix: "tiger-"
    ttl: 3600
    auto_cleanup: true
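
A check to run against the streamed audit log to confirm that bindings provisioned under `ttl: 3600` with `auto_cleanup: true` are actually removed on time. This is an added example, not TigerIdentity code: the provisioner ServiceAccount name and the sample events are constructed, and it assumes the TTL is counted from the binding's create event.

```python
import json
from datetime import datetime

BINDINGS = {"rolebindings", "clusterrolebindings"}
# Hypothetical identity the connector provisions with; substitute the real one.
PROVISIONER = "system:serviceaccount:tiger-system:connector"

# Constructed audit.k8s.io/v1 events, one JSON object per line.
SAMPLE = """
{"stage":"ResponseComplete","verb":"create","requestReceivedTimestamp":"2024-05-01T10:00:00.000000Z","user":{"username":"system:serviceaccount:tiger-system:connector"},"objectRef":{"resource":"rolebindings","namespace":"payments","name":"jit-alice-edit"},"responseStatus":{"code":201}}
{"stage":"ResponseComplete","verb":"create","requestReceivedTimestamp":"2024-05-01T10:05:00.000000Z","user":{"username":"system:serviceaccount:tiger-system:connector"},"objectRef":{"resource":"clusterrolebindings","name":"jit-bob-admin"},"responseStatus":{"code":201}}
{"stage":"ResponseComplete","verb":"create","requestReceivedTimestamp":"2024-05-01T10:10:00.000000Z","user":{"username":"system:serviceaccount:tiger-system:connector"},"objectRef":{"resource":"rolebindings","namespace":"orders"},"requestObject":{"metadata":{"name":"jit-carol-view"}},"responseStatus":{"code":201}}
{"stage":"ResponseComplete","verb":"create","requestReceivedTimestamp":"2024-05-01T10:20:00.000000Z","user":{"username":"system:serviceaccount:tiger-system:connector"},"objectRef":{"resource":"rolebindings","namespace":"orders","name":"jit-dave-edit"},"responseStatus":{"code":403}}
{"stage":"ResponseComplete","verb":"delete","requestReceivedTimestamp":"2024-05-01T10:59:30.000000Z","user":{"username":"system:serviceaccount:tiger-system:connector"},"objectRef":{"resource":"rolebindings","namespace":"payments","name":"jit-alice-edit"},"responseStatus":{"code":200}}
{"stage":"ResponseComplete","verb":"create","requestReceivedTimestamp":"2024-05-01T11:30:00.000000Z","user":{"username":"system:serviceaccount:tiger-system:connector"},"objectRef":{"resource":"rolebindings","namespace":"payments","name":"jit-erin-view"},"responseStatus":{"code":201}}
{"stage":"ResponseComplete","verb":"delete","requestReceivedTimestamp":"2024-05-01T11:45:00.000000Z","user":{"username":"system:serviceaccount:tiger-system:connector"},"objectRef":{"resource":"clusterrolebindings","name":"jit-bob-admin"},"responseStatus":{"code":200}}
"""

def _ts(value):
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def ttl_violations(log_text, ttl_seconds, now, provisioner=PROVISIONER):
    """Return sorted (status, resource, namespace, name, age_seconds) tuples."""
    live, findings = {}, []
    for line in filter(None, map(str.strip, log_text.splitlines())):
        ev = json.loads(line)
        ref = ev.get("objectRef") or {}
        if ev.get("stage") != "ResponseComplete" or ref.get("resource") not in BINDINGS:
            continue
        if (ev.get("responseStatus") or {}).get("code", 500) >= 300:
            continue  # denied or failed requests changed nothing
        # objectRef.name can be empty on create; fall back to the request body.
        meta = (ev.get("requestObject") or {}).get("metadata") or {}
        key = (ref["resource"], ref.get("namespace", ""), ref.get("name") or meta.get("name", ""))
        when = _ts(ev["requestReceivedTimestamp"])
        if ev.get("verb") == "create" and ev.get("user", {}).get("username") == provisioner:
            live[key] = when
        elif ev.get("verb") == "delete" and key in live:
            age = (when - live.pop(key)).total_seconds()
            if age > ttl_seconds:
                findings.append(("deleted_late", *key, int(age)))
    for key, created in live.items():  # never deleted: still granting access
        age = (_ts(now) - created).total_seconds()
        if age > ttl_seconds:
            findings.append(("still_bound", *key, int(age)))
    return sorted(findings)

if __name__ == "__main__":
    print(ttl_violations(SAMPLE, ttl_seconds=3600, now="2024-05-01T12:00:00Z"))
```

A `still_bound` finding means the binding is granting access past its TTL right now; `deleted_late` means cleanup ran but outside the window.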

Use Cases

Zero Standing Privilege

Eliminate permanent cluster-admin access. Grant elevated permissions only when needed.

Developer Self-Service

Allow developers to request namespace access with automatic approval workflows.

Production Access Control

Enforce strict time-bound access to production clusters with approval and MFA.

ServiceAccount Governance

Track and audit all ServiceAccount token usage across your cluster fleet.
