Categories
django IAM Integration Keycloak OAuth

Best Django Openidc Package

I think we know the security benefits and the development benefits of using a delegated authentication protocol like OpenIDC or SAML. However, actually doing the integration in the application can be difficult at times. There is a lack of documentation and guidance on the best modules or packages to use for the various frameworks. In […]

Categories
ansible awx IAM Keycloak

Using Keycloak as the Identity Provider for AWX

Good day, in this post I will show you how to use Keycloak (Open source Redhat SSO) as the identity provider for AWX. I am basing this tutorial on the post on red hat SSO integration on ansible.com and from the AWX docs on SAML authentication Prerequisites You need the following set up: AWX instance […]

Categories
IAM Security Server Vault

Practical Application: Implementing SSH security with TLS certificates

In any organisation of a large size managing access to servers and cloud resources is difficult. There is often a tradeoff between convenience and security. Changing these settings is also a bit scary in production as you can be locked out of your servers… One solution mentioned by facebook engineering and smallstep is to make […]

Categories
IAM Keycloak

Integrating Keycloak and Harbor Registry with OpenID Connect

The documentation for setting up an OpenIDC identity provider / authentication method for Harbor Registry can be found in the harbor docs. Harbor has supported OIDC since version 1.8. Importantly: You can change the authentication mode from database to OIDC only if no local users have been added to the database. If there is at […]

Categories
Containerisation IAM Keycloak Kubernetes

Setting up Keycloak on Kubernetes

First thing to do is get familiar with keycloak. once you are happy it might be useful take a look at the keycloak quickstarts. They seem to have all the examples and samples on getting going with keycloak. In particular you want to look at the keycloak kubernetes examples For posterity I will show the […]