Welcoming AWS to the Kubernetes ecosystem, and introducing a new open source project for Kubernetes authentication

With the announcement of Amazon’s EKS managed Kubernetes service, Heptio welcomes Amazon Web Services to the Kubernetes community! Heptio is focused on ensuring that Kubernetes works well in every environment and believes that managed services like Amazon EKS offer significant advantages to customers who don’t want to deal with the mechanics of building and operating their own clusters. By working closely with the upstream community, we believe that Amazon EKS customers will benefit from the innovative power of the open source ecosystem, and will have access to the widest possible array of development tools and supporting technologies.

As with any production environment, a key requirement for running Kubernetes on AWS is to ensure only the right people have access to the right resources. Kubernetes has its own role based access control system, and to make it most useful to AWS customers that system needs to be well integrated with AWS’s identity and access management system. We have been working with customers over the past year to help them run Kubernetes everywhere, and released a basic tool for Amazon identity integration through Heptio Labs. Heptio is now excited to announce the graduation of that work to a formal project: Heptio Authenticator for AWS. It is a new open source project that enables developers to use AWS IAM credentials to authenticate to a Kubernetes cluster. Heptio will work over the coming months on Heptio Authenticator with AWS. Our mutual goal is to enable EKS to bridge identity and access management tooling between AWS and the Kubernetes technology. We are excited to have the opportunity to work with Amazon to make Heptio Authenticator great.

“Authentication using IAM is critical to how our customers use AWS services. For Amazon EKS we wanted to give customers a robust way to authenticate to the Kubernetes API without impacting their user experience,” said Deepak Singh, Director — Compute Services at AWS. “We found Heptio Authenticator for AWS ideal for the experience we want to give our customers, and we are excited to work with Heptio and the broader Kubernetes community to continue to make it easier to run their applications on AWS. AWS will contribute to Heptio Authenticator for AWS which will be open source so customers who choose to run their own Kubernetes clusters will also benefit from the development of this project.”

We will also focus on broadening the use case for Heptio Authenticator to any version of Kubernetes running on AWS, not just Amazon EKS. If you are an administrator running a Kubernetes cluster on AWS, you already need to manage AWS credentials for provisioning and updating the cluster. By using Heptio Authenticator, you avoid having to manage a separate credential for Kubernetes access.

We are thrilled with the steps Amazon is taking to bring upstream Kubernetes to a wider audience, while promoting open source projects — and we look forward to our continued work with Amazon to make EKS even better on its road to general availability.

Try out Heptio Authenticator for AWS today.