Kubernetes API proxy

Use Pomerium to secure access to your Kubernetes clusters just like with your web apps. Pomerium brings consistent authentication, authorization, tooling, and auditing across cloud and on-premise deployments. No VPN client or cloud provider account is required. 

pomerium kubernetes example
Diagram of how Pomerium can add global policy controls to Kubernetes clusters
Single pane of glass authorization

Global policy for all clusters

Protect clusters using continuously validated authorization policy. Rapidly and securely manage access for your engineering teams without cumbersome authentication toolchains or privilege escalation processes. 

kubernetes audit log code example
Visibility across clusters and resources

Global audit trail

Centrally log Kubernetes actions across clusters without custom audit integrations. Use consistent identity information to correlate user actions in Kubernetes across clusters and other protected applications.

kubernetes native integration code example
First class support

Native integration

Use any compatible identity provider to authenticate and authorize your users in Kubernetes. Identity can be directly referenced in Kubernetes Role Bindings regardless of where your resources are deployed or the source of identity.