kiam download | SourceForge.net

kiam runs as an agent on each node in your Kubernetes cluster and allows cluster users to associate IAM roles with Pods. [a] role is similar to a user, in that it is an AWS identity with permission policies that determine what the identity can and cannot do in AWS. However, instead of being uniquely associated with one person, a role is intended to be assumed by anyone who needs it. Also, a role does not have any credentials (password or access keys) associated with it. Instead, if a user is assigned to a role, access keys are created dynamically and provided to the user.

Features

No client SDK modifications are needed: Kiam intercepts Metadata API requests
Separated Agent and Server processes. Allows user workloads to run on nodes without sts:AssumeRole permissions to enhance cluster security
Denies access to all other AWS Metadata API paths by default (but can be configured via flag)
AWS credentials are prefetched to allow fast responses (and avoid problems with races between Pods requesting credentials and the Kubernetes client caches being aware of the Pod)
Multi-account IAM support. Pods can assume roles from any AWS account assuming trust relationships permit it
Optional regional STS endpoint support

Project Samples

Project Activity

See All Activity >

License

Apache License V2.0

Follow kiam

kiam Web Site

Other Useful Business Software

Rezku Point of Sale

Designed for Real-World Restaurant Operations

Rezku is an all-inclusive ordering platform and management solution for all types of restaurant and bar concepts. You can now get a fully custom branded downloadable smartphone ordering app for your restaurant exclusively from Rezku.

Learn More

Rate This Project

User Reviews

Be the first to post a review of kiam!

Additional Project Details

Operating Systems

Linux, Mac, Windows

Programming Language

Related Categories

Go Container Management Software, Go Identity and Access Management (IAM) Software

Registered

2024-03-27

Similar Business Software

Frontegg

Frontegg is a Customer Identity and Access Management (CIAM) platform that simplifies authentication, authorization, and user management for SaaS companies. It enables developers to implement advanced identity features quickly, then shift ongoing administration to other teams. With Frontegg,...

See Software
Auth0

Auth0 takes a modern approach to Identity, providing secure access to any application, for any user. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. Auth0 is part of Okta, The World’s Identity...

See Software
FusionAuth

FusionAuth is a modern, developer-focused identity and access management platform built to give you full control over your authentication stack. Whether you’re building a startup app or managing enterprise-scale infrastructure, FusionAuth delivers all the must-have features — from login and SSO...

See Software
Josys

Josys is the Automated Identity Governance and Administration (IGA) Platform designed to simplify how IT works. Trusted by IT teams and Managed Service Providers (MSPs), Josys delivers complete visibility and control over every user, application, and access permission within their identity...

See Software
ManageEngine ADManager Plus

ADManager Plus is a simple, easy-to-use Windows Active Directory (AD) management and reporting solution that helps AD administrators and help desk technicians in their day-to-day activities. With a centralized and intuitive web-based GUI, the software handles a variety of complex tasks like bulk...

See Software
Securden Unified PAM

Securden Unified PAM is a privileged access security solution that lets you discover, centrally store, organize, share, manage, and keep track of all privileged identities, passwords, keys, documents, and other identities. It helps you establish a centralized password management system, automate...

See Software