Cloud Native Rejekts EU (Valencia) 2022

Building a secure, seamless auth experience that you can use with just kubectl apply
2022-05-14, 17:30–18:00, Main Room

Kubernetes authentication is difficult for admins to configure. With Pinniped, we sought to make the process easy and secure by abstracting away much of the complexity. In this talk you will learn tips and tricks that we used to make our users lives easier. Come learn the extension points that make authentication easier for users.


Pinniped is a “batteries-included” Kubernetes authentication provider. Our team has worked hard to make configuration and login simple for our users. To do this, we designed our product so that it is all configurable using kubectl apply commands and user friendly custom resources, and hid the many steps of OIDC login into an exec credential plugin so that users only have to download a kubeconfig to gain access. We use API aggregation to make communicating with our APIs as seamless as communicating with the Kubernetes API server.

In this talk you will learn tips and tricks that we used to make our users lives easier. Attendees will come away with an understanding of how to extend Kubernetes to improve user experience with a focus on authentication extension points.

Margo Crawford is a software engineer for VMware Tanzu on Project Pinniped. She lives in
San Francisco. When she's not thinking about Kubernetes authentication, she likes roller skating, baking, and playing board games.