K8s authn-jwt based authentication

Hi,
are there any document to configure k8s authn-jwt based authentication?
this page only talks about authn-k8s:
https://docs.conjur.org/Latest/en/Content/Integrations/k8s-ocp/k8s-k8s-authn.htm?tocpath=Integrations|OpenShift%2FKubernetes|_____4

Thanks,
Marco

Hi @iampolo,
I don’t think we have official documentation on this yet, but we do have sample helm charts that us jwt that should be helpful.
Please let us know if you have any specific questions after reviewing those.

Hi @iampolo,

Have you checked out the JWT Authenticator for Kubernetes (JWT-based) docs? They are for Conjur Enterprise but also apply to Conjur OSS.

Samir

@samir.shetty @szh
Thank you for the information. I do aware those JWT-based docs in that link.

Our application runs in OCP. Because the use cases are different from regular app., initcontainer or sidecar pattern doesn’t apply to us.
We will use GitHub - cyberark/conjur-api-go: Go client for the CyberArk Conjur API to develop a client library to programmatically retrieve credentials from Conjur by using Service Account JWT token.
I am still doing some investigation, but do you think I am on the right track by first setting up the JWT authenticator for k8s in Conjur, and then use conjur-api-go to access the conjur?

@iampolo I’d love to hear more about your use case, in particular the challenges around init container/sidecar. Without those constraints you could have simply used GitHub - cyberark/secrets-provider-for-k8s: Cyberark secrets provider for k8s. Feel free to reach out to me via email at samir.bhatt at cyberark.

do you think I am on the right track by first setting up the JWT authenticator for k8s in Conjur, and then use conjur-api-go to access the conjur?

Yes that sounds like a good approach.