Klavs Klavsen

My usecase is to be able to connect to servers behind NAT - from our "travelling workers" - ie. all us working remotely/from home - to be able to access...

if we get it working with auth0 f.ex. - we'd gladly take a stab at adding keycloak support.

> Link to the create role script? https://github.com/coreos/etcd-operator/blob/master/example/rbac/create_role.sh

So how should this actually look, for it to work? https://github.com/coreos/etcd-operator/blob/master/example/deployment.yaml

I had considered extending tcp-shaker ( https://github.com/tevino/tcp-shaker/issues/20 ) - but this exporter is exactly what I need - I just need it to support tcp - so I can get...

Its actually a very commonly used method - by f.ex. haproxy etc.. see https://github.com/tevino/tcp-shaker that does "something along these lines". you send a syn, get a syn-ack and send a...

And I didn't say the network teams response was a good one - but I've seen this often in many larger orgs - they only respect findings done with tcp...

But what does this client secret grant access too ? you still need a google account (if using it against google oidc) within the org that the client-id secret belongs...

So it actually IS a risk storing client secret in .kube/config file (due to phishing).. Could client secret (as used for identity provider) be stored in kubernetes secrets - so...

According to https://developer.okta.com/blog/2019/10/21/illustrated-guide-to-oauth-and-oidc