Security
Authentication Provider
Authentication for the cluster is configured as part of the cluster creation process. SAAP is not an identity provider, and all access to the cluster must be managed by the customer as part of their integrated solution. Creating multiple identity providers at the same time is supported. The following identity providers are supported:
- GitHub or GitHub Enterprise OAuth
- GitLab OAuth
- Google OAuth
- LDAP
- OpenID Connect
Privileged Containers
Privileged containers are not available by default on SAAP. The anyuid and nonroot Security Context Constraints (SCC) are available for members of the sca (SAAP Cluster Admin) group, and should address many use cases. Privileged containers are only available for sca users.
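To review a workload before asking for a wider SCC, the following added example (not SAAP or Stakater code) reports the least permissive of the three SCCs named above that a pod spec fits. It assumes the stock OpenShift definitions of nonroot, anyuid and privileged and checks only a subset of fields; `required_scc` and the sample specs are hypothetical names constructed for this illustration.

```python
# Simplified model of three SCCs, ordered least to most permissive.
# Assumption: stock OpenShift definitions; this is not admission code.
SCC_ORDER = ["nonroot", "anyuid", "privileged"]


def _effective_uid(pod_sc, container_sc):
    """Container-level runAsUser overrides the pod-level value."""
    if "runAsUser" in container_sc:
        return container_sc["runAsUser"]
    return pod_sc.get("runAsUser")


def required_scc(pod_spec):
    """Return (scc, reasons): the least permissive SCC in this model that fits."""
    reasons = {"anyuid": [], "privileged": []}
    pod_sc = pod_spec.get("securityContext") or {}

    # Host namespaces and hostPath volumes: only privileged allows them here.
    for field in ("hostNetwork", "hostPID", "hostIPC"):
        if pod_spec.get(field):
            reasons["privileged"].append(f"{field}: true")
    for vol in pod_spec.get("volumes") or []:
        if "hostPath" in vol:
            reasons["privileged"].append(f"hostPath volume {vol.get('name')}")

    containers = (pod_spec.get("initContainers") or []) + (pod_spec.get("containers") or [])
    for c in containers:
        sc = c.get("securityContext") or {}
        if sc.get("privileged"):
            reasons["privileged"].append(f"{c['name']}: privileged: true")
        if _effective_uid(pod_sc, sc) == 0:
            reasons["anyuid"].append(f"{c['name']}: runAsUser: 0")

    for scc in reversed(SCC_ORDER[1:]):
        if reasons[scc]:
            return scc, reasons[scc]
    # Nothing in the spec asks for root or host access. The image's default
    # user is not visible here, so this covers only what the spec declares.
    return "nonroot", []


# Constructed sample pod specs (the parsed .spec of a Pod manifest).
WEB = {"containers": [{"name": "web", "securityContext": {"runAsUser": 1001}}]}
LEGACY = {"securityContext": {"runAsUser": 0}, "containers": [{"name": "app"}]}
AGENT = {"hostNetwork": True,
         "containers": [{"name": "agent", "securityContext": {"privileged": True}}]}

if __name__ == "__main__":
    for name, spec in (("web", WEB), ("legacy", LEGACY), ("agent", AGENT)):
        print(name, *required_scc(spec))
```

A result of privileged marks a workload that cannot run under the default SAAP configuration described here.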
Customer Administrator User
In addition to normal users, Stakater provides access to a SAAP-specific group called sca. The permissions for this role are described on the roles in SAAP page.
Cluster Administration Role
As an administrator of SAAP, you have access to the cluster-admin role. While logged in to an account with the cluster-admin role, users have mostly unrestricted access to control and configure the cluster.