https://github.com/robincher/pomerium-kubernetes-recipe
Kubernetes recipe for Pomerium Identity Aware Proxy
https://github.com/robincher/pomerium-kubernetes-recipe
iap kubernetes pomerium
Last synced: 7 months ago
JSON representation
Kubernetes recipe for Pomerium Identity Aware Proxy
- Host: GitHub
- URL: https://github.com/robincher/pomerium-kubernetes-recipe
- Owner: robincher
- License: mit
- Created: 2020-11-03T08:51:13.000Z (almost 5 years ago)
- Default Branch: main
- Last Pushed: 2021-08-11T03:22:13.000Z (about 4 years ago)
- Last Synced: 2025-01-23T01:28:53.063Z (9 months ago)
- Topics: iap, kubernetes, pomerium
- Language: Shell
- Homepage: https://www.pomerium.com
- Size: 298 KB
- Stars: 2
- Watchers: 2
- Forks: 2
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Pomerium Kubernetes Recipe
[](http://makeapullrequest.com)
[](https://github.com/robincher/pomerium-kubernetes-recipe/blob/main/LICENSE)
## Introduction
Pomerium is a Identity aware proxy that aim to provide secure access from an untrusted network to your upstream services.
This repository is a collection of recipes for deploying Pomerium into a Kubernetes cluster.
I have written a detailed post about the implementation and motivation behind this deploying Pomerium IAP
## Preparation
This recipe is tested with the following
1. AWS Elastic Kubernetes Service (EKS) 1.17
2. Application LoadBalancer with HTTPS
3. Nginx Ingress (Optional) for Kubernetes Cluster - You can set-up Pomerium proxy service as a node port and bind directly to the Application Load Balancer
### System Context
## Directory Structure
```
|- assets
|- workloads
|-- pomerium
|-- common
```
1. Pomerium : Consists of all Pomerium related resources
2. Common : Other resources like mock services
## References
- [Pomerium Official Website](https://www.pomerium.com/)
- [Post on Pomerium with EKS](https://dev.to/robincher/moving-to-pomerium-identity-aware-proxy-4fom)