We are excited to announce the release of Compliant Kubernetes 0.9.0. Among the most exciting features, are support for multiple workload clusters and OpenID group claims support.
Multiple Workload Clusters, Single Service Cluster
Since release 0.9.0, a single service cluster can now monitor and audit multiple workload clusters. This allows organization to have one workload cluster per team, application or department — whatever suits their information security policies — but without incurring an increase in monitoring overhead. As shown below, Compliant Kubernetes operators can now choose in most Grafana dashboards whether the status should be displayed for all workload clusters or only a selected few.
OpenID Group Support
To simplify compliance with access control policies, Compliant Kubernetes now includes support for propagating group claims from OpenID providers — such as Okta and Google — to Grafana, Harbor and the Kubernetes API. This allows your organization’s central roles to be mapped to various permissions. For example, when onboarding a new hire, you may add them to the “on-call operator” group in Okta, which will immediately give them access to various Grafana dashboards and
kubectl exec permissions.