Hey @atomatnus -
We don’t officially document support for using a follower outside of Kubernetes for our authn-k8s integration, since our official recommendation is to deploy a follower internal to your cluster. I’m checking to see if someone can weigh in on the best practices for configuring DAP this way
The authn-k8s follower leverages the K8s API to use native properties of the platform to identify your apps running in K8s, and to do this it needs appropriate RBAC permissions to access what it needs from the K8s API. For reference, this page gives info on the ClusterRole that each K8s-deployed follower should have defined, and each page here describes the RoleBinding required in your application namespaces to enable the follower to verify your application identities and inject the certificates / tokens into your app environments.
I’ll keep you posted on what other info I can find.