You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Mention multiple cloud vendors and fix if-else chain
- Update README and docs to mention AWS EKS, Azure AKS, and Google GKE
- Change example section title to "Managed Kubernetes" instead of just "EKS"
- Add note that configuration works with AKS and GKE
- Fix ifElseChain lint suggestion by using switch statement
- All linter warnings addressed
Co-authored-by: illume <9541+illume@users.noreply.github.com>
This is particularly useful with managed Kubernetes clusters (like EKS) when using [kube-oidc-proxy](https://github.com/jetstack/kube-oidc-proxy) to handle OIDC authentication.
66
+
This is particularly useful with managed Kubernetes clusters (like AWS EKS, Azure AKS, or Google GKE) when using [kube-oidc-proxy](https://github.com/jetstack/kube-oidc-proxy) to handle OIDC authentication with private identity providers.
Copy file name to clipboardExpand all lines: docs/installation/in-cluster/index.md
+8-4Lines changed: 8 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -55,7 +55,7 @@ By default, when running in-cluster, Headlamp automatically detects and connects
55
55
56
56
This feature is particularly useful for:
57
57
58
-
-**OIDC Authentication with Private Endpoints**: When using managed Kubernetes services (like AWS EKS) with OIDC authentication where the identity provider is on a private endpoint, you can use [kube-oidc-proxy](https://github.com/jetstack/kube-oidc-proxy) to handle authentication requests.
58
+
-**OIDC Authentication with Private Endpoints**: When using managed Kubernetes services (like AWS EKS, Azure AKS, or Google GKE) with OIDC authentication where the identity provider is on a private endpoint, you can use [kube-oidc-proxy](https://github.com/jetstack/kube-oidc-proxy) to handle authentication requests.
59
59
-**API Gateway or Proxy Requirements**: When your cluster requires all API traffic to go through a specific gateway or proxy for security, logging, or compliance reasons.
60
60
-**Multi-cluster Authentication**: When using a centralized authentication proxy across multiple clusters.
61
61
@@ -83,9 +83,11 @@ You can also configure it using environment variables or command-line flags:
83
83
84
84
**Note**: These options are only used when running Headlamp with in-cluster mode enabled (`--in-cluster` flag or `config.inCluster: true` in Helm values).
85
85
86
-
### Example: Using with kube-oidc-proxy on EKS
86
+
### Example: Using with kube-oidc-proxy on Managed Kubernetes
87
87
88
-
When using Amazon EKS with a private OIDC issuer, you can deploy kube-oidc-proxy to handle authentication and configure Headlamp to route requests through it:
88
+
When using managed Kubernetes services (AWS EKS, Azure AKS, Google GKE) with a private OIDC issuer, you can deploy kube-oidc-proxy to handle authentication and configure Headlamp to route requests through it.
For more information about using kube-oidc-proxy with EKS, see the [AWS blog post on consistent OIDC authentication](https://aws.amazon.com/blogs/opensource/consistent-oidc-authentication-across-multiple-eks-clusters-using-kube-oidc-proxy/).
105
+
For more information about using kube-oidc-proxy with managed Kubernetes clusters, see:
106
+
- AWS EKS: [Consistent OIDC authentication across multiple EKS clusters](https://aws.amazon.com/blogs/opensource/consistent-oidc-authentication-across-multiple-eks-clusters-using-kube-oidc-proxy/)
107
+
- The configuration works similarly with Azure AKS and Google GKE when using private OIDC providers
0 commit comments