Access to applications (not only those running on the Kubernetes platform) should be properly secured, meaning users must authenticate correctly (e.g., using a password) and obtain proper authorization (have the required permissions). There are many ways and standards to achieve this. In the repository Ingress Nginx controller with authentication, I have prepared an example of applications running on a locally created Kubernetes cluster, where access is secured using:

  • bearer token
  • OAuth
  • certificate
  • login and password

I hope these simple examples illustrate the differences in application security methods well and also serve as a good starting point for more advanced configurations :)