Securing Kubernetes API with Banyan
- Updated on Apr 19, 2023
This article describes features that are only available in the
Banyan Enterprise edition and
Banyan Unlimited edition.
Overview
Kubernetes (K8S) is an open-source system for automating deployment, scaling, and management of containerized applications. End users interact with K8S via the K8S API Server, typically using the kubectl
client.
From a management perspective, K8S can be deployed in two flavors:
- Managed K8S - A cloud provider (such as AWS, Azure, GCP, DigitalOcean, etc) provisions and manages the K8S cluster, tightly integrated with the cloud provider’s other offerings.
- Hosted K8S - An enterprise operations team runs a specific K8S distribution (such as RedHat OpenShift, VMware Tanzu, Mirantis, etc) and is responsible for cluster management.
For connectivity, Banyan treats the Kubernetes API as a TCP Service, using Mutually Authenticated TLS (MTLS) flows to provide secure Zero Trust access.
Banyan can also be configured to leverage the OIDC authentication capability built into K8S.
Sections
Can’t find what you’re looking for?
We’re happy to help. Contact our team .