/paralus

All-in-one Kubernetes access manager. User-level credentials, RBAC, SSO, audit logs.

Primary LanguageGoApache License 2.0Apache-2.0

Paralus

codeql helm go license

Paralus is a free, open source tool that enables controlled, audited access to Kubernetes infrastructure for your users, user groups, and services. Ships as a GUI, API, and CLI.

Paralus can be easily integrated with your pre-existing RBAC configuration and your SSO providers, or Identity Providers (IdP) that support OIDC (OpenID Connect). Through just-in-time service account creation and fine-grained user credential management, Paralus provides teams with an adaptable system for guaranteeing secure access to resources when necessary, along with the ability to rapidly identify and respond to threats through dynamic permission revocation and real time audit logs.

Kubernetes Goat

Features

  • Creation of custom roles, users, and groups.
  • Dynamic and immediate changing and revoking of permissions.
  • Ability to control access via pre-configured roles across clusters, namespaces, projects, and more.
  • Seamless integration with Identity Providers (IdPs) allowing the use of external authentication engines for users and group definitions, such as GitHub, Google, Azure AD, Okta, and others.
  • Automatic logging of all user actions performed for audit and compliance purposes.
  • Flexible workflows with a modern web GUI (default), a CLI tool called pctl, and Paralus API.

Getting Started

Installing and setting up Paralus takes less time than it takes to brew a (good) cup of coffee! You'll find the instructions here:

Community & Support

Contributing

We đź’– our contributors! Have a look at our contributor guidelines to get started.

If you’re looking to add a new feature or functionality, create a new Issue.

You're also very welcome to look at the existing issues. If there’s something there that you’d like to work on help improving, leave a quick comment and we'll go from there!

Authors

This project is maintained & supported by Rafay.