ContainerImage.Pinniped/doc/scope.md
Andrew Keesler f66f7f14f5
First draft of public README (and neighboring docs)
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-08-26 18:19:35 -04:00

1.1 KiB

Project Scope

The Pinniped project is guided by the following principles.

  • Pinniped lets you plug any upstream identitiy providers into Kubernetes. These integrations follow enterprise-grade security principles.
  • Pinniped is easy to install and use on any Kubernetes cluster via distribution-specific integration mechanisms.
  • Pinniped uses a declarative configuration via Kubernetes APIs.
  • Pinniped provides optimal user experience when authenticating to many clusters at one time.
  • Pinniped provides enterprise-grade security posture via secure defaults and revocable or very short-lived credentials.
  • Where possible, Pinniped will contribute ideas and code to upstream Kubernetes.

When contributing to Pinniped, please consider whether your contribution follows these guiding principles.

Out Of Scope

The following items are out of scope for the Pinniped project.

  • Authorization.
  • Standalone identity provider for general use.
  • Machine-to-machine (service) identity.
  • Running outside of Kubernetes.

Roadmap

More details coming soon!

For more details on proposing features and bugs, check out our contributing doc.