33 lines
1.1 KiB
Markdown
33 lines
1.1 KiB
Markdown
|
# Project Scope
|
||
|
|
|
||
|
|
The Pinniped project is guided by the following principles.
|
||
|
|
* Pinniped lets you plug any external identitiy providers into
|
||
|
|
Kubernetes. These integrations follow enterprise-grade security principles.
|
||
|
|
* Pinniped is easy to install and use on any Kubernetes cluster via
|
||
|
|
distribution-specific integration mechanisms.
|
||
|
|
* Pinniped uses a declarative configuration via Kubernetes APIs.
|
||
|
|
* Pinniped provides optimal user experience when authenticating to many
|
||
|
|
clusters at one time.
|
||
|
|
* Pinniped provides enterprise-grade security posture via secure defaults and
|
||
|
|
revocable or very short-lived credentials.
|
||
|
|
* Where possible, Pinniped will contribute ideas and code to upstream
|
||
|
|
Kubernetes.
|
||
|
|
|
||
|
|
When contributing to Pinniped, please consider whether your contribution follows
|
||
|
|
these guiding principles.
|
||
|
|
|
||
|
|
## Out Of Scope
|
||
|
|
|
||
|
|
The following items are out of scope for the Pinniped project.
|
||
|
|
* Authorization.
|
||
|
|
* Standalone identity provider for general use.
|
||
|
|
* Machine-to-machine (service) identity.
|
||
|
|
* Running outside of Kubernetes.
|
||
|
|
|
||
|
|
## Roadmap
|
||
|
|
|
||
|
|
More details coming soon!
|
||
|
|
|
||
|
|
For more details on proposing features and bugs, check out our
|
||
|
|
[contributing](../CONTRIBUTING.md) doc.
|