kube-oidc-proxy: A proxy to consistently authenticate to managed Kubernetes clusters, on multi-cloud, using OIDC

At Jetstack, we see many customers that are moving to managed Kubernetes services across multiple clouds to run their workloads. Whilst having the Kubernetes control plane managed for you takes away a lot of the operational burden, there is a trade-off for this convenience, with less opportunity for customisation with a managed control plane. Furthermore, across multiple clouds, there is often a lack of consistency in what is exposed. One such inconsistency is in authentication. Cloud providers typically provide deep integrations with their own authentication systems, however interoperability between them can often be a pain point.

Jetstack is excited to announce kube-oidc-proxy, a new open-source project that brings back consistency, and the lost functionality of authenticating via OIDC to the Kubernetes API server on managed services, across clouds.