Federated IAM for Kubernetes with OpenFGA - Jonathan Whitaker, Okta
Abstract
Organizations manage many resources, applications, and infrastructure components. Managing access to these in a secure and transparent way is challenging. OpenFGA is a fine-grained permission database used to manage and evaluate access policies. OpenFGA provides a way to federate IAM policies and ensure fine-grained access control within and across organizations. Admins and developer teams can define IAM policies centrally and propagate these rules across applications and infrastructure. It streamlines access management, enhances security, and simplifies administration by providing a unified approach to IAM across diverse cloud environments. In this session we’ll show what the future of federated IAM might look like with OpenFGA acting as a central permission database for application and infrastructure resources. We’ll demonstrate how we can federate IAM policies between Kubernetes clusters and groups of identities managed by an external Identity Provider.