kube2iam Logo

kube2iam

0
Free
Visit Website

Provide IAM credentials to containers running inside a kubernetes cluster based on annotations. kube2iam is a solution that redirects the traffic that is going to the EC2 metadata API for Docker containers to a container running on each instance, makes a call to the AWS API to retrieve temporary credentials and returns these to the caller. This container will need to run with the necessary permissions to make the call to the AWS API. The solution is to redirect the traffic that is going to the EC2 metadata API for Docker containers to a container running on each instance, make a call to the AWS API to retrieve temporary credentials and return these to the caller. Other calls will be proxied to the EC2 metadata API.

FEATURES

ALTERNATIVES

Airlock Secure Access Hub is an integrated security platform that combines identity and access management with web application and API protection to secure digital applications while maintaining user experience.

Commercial

A tool for searching through public EBS snapshots for secrets, organized as an Elastic Beanstalk application.

Free

Helm plugin for decrypting encrypted Helm value files on the fly and integrating with cloud native secret managers.

Free

Repository documenting common techniques to bypass AppLocker with verified, unverified, and generic bypasses.

Free

A platform that helps companies automate the management of their SaaS identities and applications, providing visibility, security, and compliance across the organization's SaaS ecosystem.

Commercial

Identify AWS IAM permissions by brute-forcing API calls.

Free

Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.

Commercial

The Ping Identity Platform is an enterprise identity and access management solution that provides authentication, authorization, and identity governance capabilities with flexible deployment options for securing customer, workforce, and partner identities.

Commercial