Easy OIDC is a minimal OpenID Connect (OIDC) provider designed to streamline authentication for Kubernetes clusters. By leveraging existing Google or GitHub accounts, teams can authenticate without managing local passwords. This product is tailored for Kubernetes environments, offering a simple configuration for mapping group claims to facilitate Role-Based Access Control (RBAC).

Key Features

• Federated Authentication: Delegate authentication to Google or GitHub, eliminating the need for local password management.

• Kubernetes-Ready: Specifically built for Kubernetes RBAC with static group mappings.

• Minimal Infrastructure: Deploys on a single VM instance with auto-managed TLS.

• Secure by Default: Utilizes PKCE-only flows, Ed25519 signing, and automatic HTTPS via Let’s Encrypt.

• Cloud-Native: Includes Terraform/OpenTofu modules for AWS, with plans for GCP and Azure support.

Easy OIDC is open source, released under the Apache License 2.0, providing a simpler alternative to more complex solutions like Dex. It offers automatic token expiration and revocation, enhancing security by avoiding long-lived credentials. Deploying Easy OIDC involves setting up an upstream OAuth provider, deploying to AWS using the provided Terraform module, and configuring your Kubernetes cluster for seamless authentication.