Overview
Centralize orchestration of Kubernetes API server access policies across environments and providers. Removes the need to implement expensive solutions such as VPN or a bastion server access model to enable secure access for users
Highlights
- Paralus can be easily integrated with your pre-existing RBAC configuration and your SSO providers, or Identity Providers (IdP) that support OIDC (OpenID Connect)
- Paralus provides teams with an adaptable system for guaranteeing secure access to resources when necessary, along with the ability to rapidly identify and respond to threats through dynamic permission revocation and real-time audit logs
- How simple it is to get started by importing any EKS cluster, no need to configure additional tooling Product categories: Kubernetes, and Security
Details
Features and programs
Financing for AWS Marketplace purchases
Pricing
Vendor refund policy
This is a placeholder value. Please update this value via the AWS Marketplace Management Portal.
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
Deploy Helm v0.2.0
- Amazon EKS
Helm chart
Helm charts are Kubernetes YAML manifests combined into a single package that can be installed on Kubernetes clusters. The containerized application is deployed on a cluster by running a single Helm install command to install the seller-provided Helm chart.
Version release notes
Paralus is a free, open source tool that enables controlled, audited access to Kubernetes infrastructure. It comes with just-in-time service account creation and user-level credential management that integrates with your RBAC and SSO. Ships as a GUI, API, and CLI.
Additional details
Usage instructions
You need to have Helm CLI (v 3.0.0+) installed, a Kubernetes cluster and kubeconfig configured to access the cluster. Use the command below to install Paralus via helm.
helm install paralus oci://709825985650.dkr.ecr.us-east-1.amazonaws.com/rafay-systems/ztka --version 0.2.3 -n paralus-system --create-namespace --set fqdn.domain="yourdomain.com" --set fqdn.hostname="console" --set fqdn.coreConnectorSubdomain=".core-connector.ztka" --set fqdn.userSubdomain=".user.ztka" --set deploy.postgresql.enable=true
Ensure all the pods are in running state kubectl get pods --namespace=paralus-system # Output shows paralus pods
Once the installation is complete, you need to first get the external IP address provided. You can do so by executing the following command: kubectl get svc <contour-envoy> -n paralus-system
Next you need to add three CNAME records to your domains DNS Settings reference: https://www.paralus.io/blog/eks-quickstart#configuring-dns-settings
Obtain your default password using below and reset it upon first login: kubectl logs -f --namespace paralus-system $(kubectl get pods --namespace paralus-system -l app.kubernetes.io/name='paralus' -o jsonpath='{ .items[0].metadata.name }') initialize | grep 'Org Admin default password:'
Complete instructions of installation and use the product: https://www.paralus.io/docs/installation
Resources
Vendor resources
Support
Vendor support
Free built-in support via paralus website. Enterprise Support is available at additional cost:
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.