K8Studio learning resources

Kubernetes SSO with K8Studio

Follow practical, step-by-step guides for connecting K8Studio to Kubernetes clusters that use enterprise SSO. Start with Keycloak OIDC for a controlled lab, then validate cloud-provider SSO with EKS, GKE, and AKS.

Keycloak guideEKS SSO guideGKE SSO guideAKS kubelogin guide

What K8Studio needs to handle

1

Choose your SSO provider

Use Keycloak for generic OIDC and self-managed clusters. Use EKS SSO for AWS IAM Identity Center. Use GKE SSO for Google Cloud Identity. Use AKS kubelogin when access is backed by Microsoft Entra ID.

2

Create the identity mapping

Map a human user or group to Kubernetes permissions through RBAC or EKS access entries.

3

Add the kubeconfig to K8Studio

K8Studio reads the kubeconfig and follows the auth flow defined by the user entry.

4

Verify the login and failure states

Test a successful login, an expired session, and a logged-out state so the user experience is predictable.

Use Keycloak OIDC with K8Studio

Build a local or self-managed Kubernetes SSO flow with Keycloak, browser login, OIDC kubeconfig users, and RBAC.

  • +Keycloak realm and client
  • +OIDC kubeconfig
  • +Kubernetes RBAC
  • +K8Studio login test

Open step-by-step guide

Use AWS EKS SSO with K8Studio

Connect K8Studio to EKS using AWS IAM Identity Center, AWS CLI exec authentication, and EKS access entries.

  • +IAM Identity Center
  • +AWS SSO profile
  • +EKS access entry
  • +K8Studio exec auth

Open step-by-step guide

Use Google GKE SSO with K8Studio

Connect K8Studio to GKE with Google Cloud login, gke-gcloud-auth-plugin, kubeconfig exec auth, IAM, and RBAC.

  • +Google account login
  • +GKE auth plugin
  • +GKE kubeconfig
  • +K8Studio connection test

Open step-by-step guide

Use Azure AKS kubelogin with K8Studio

Connect K8Studio to AKS using Microsoft Entra ID, Azure CLI login, kubelogin exec authentication, and Azure RBAC.

  • +Azure CLI login
  • +AKS Entra ID
  • +kubelogin kubeconfig
  • +K8Studio connection test

Open step-by-step guide

Screenshot plan

Send the screenshots for the K8Studio cluster picker, provider login pages, error states, and successful cluster views. The subpages have screenshot slots ready for those images.