CIO Influence
CIO Influence News Security

Rafay Launches Paralus, an Open-Source Tool to Manage Secure Access to Kubernetes from Anywhere

Rafay Launches Paralus, an Open-Source Tool to Manage Secure Access to Kubernetes from Anywhere
Paralus helps you achieve zero-trust access to Kubernetes clusters with zero friction

Rafay Systems, the leading platform provider for Kubernetes Operations, today launched a new open-source software project named Paralus to enable secure, audited access for developers, operations, SREs and CI/CD tools to remote Kubernetes (K8s) clusters.

ITechnology Cloud News: Cloud Security Alliance, Cyber Risk Institute Partner to Create Cloud Controls Matrix (CCM) Addendum for the Financial Sector

Paralus offers access management for developers, architects, and CI/CD tools to remote K8s clusters by consolidating zero-trust access principles such as transaction level authentication and authorization into a single open-source tool. It helps engineering and architecture teams streamline access control for their fleet of K8s clusters spanning different operating environments, different public clouds and K8s distributions, and on-premises data centers operating behind firewalls.

The inability to secure K8s infrastructure is a growing problem for organizations. In May 2022, a non-profit security organization named The Shadowserver Foundation scanned more than 450,000 systems hosting K8s and found more than 380,000 (84 percent) of these systems were accessible via the Internet, potentially providing an opening into a corporate network. In fact, the data shows that the majority of K8s API servers are found in the United States (nearly 53 percent). Per Shadowserver, “Enterprises using a K8s API server that is accessible should implement authorization for access or block it at the firewall to reduce the attack surface.”

Paralus addresses this security issue by providing a frictionless way for developers and architects to leverage open-source software that uses zero-trust principles to secure access to all K8s environments and harden security practices for cloud-native applications. To learn more about Paralus or contribute to the open-source project, visit the resources below:

  • Documentation: https://www.paralus.io/docs
  • GitHub: https://github.com/paralus/paralus
  • Slack workspace: https://join.slack.com/t/paralus/shared_invite/zt-1a9x6y729-ySmAq~I3tjclEG7nDoXB0A
  • Blog: https://www.paralus.io/blog

Zero-Trust K8s Access with Paralus

Paralus grants authorized users seamless and secure access to all clusters with a native and familiar kubectl experience by acting as a proxy between the users and systems needing access and the K8s API server. It also addresses one of K8s’ main pain points by eliminating the burden of managing K8s access controls cluster by cluster. Without Paralus, companies must manually manage access to each cluster using jump hosts or VPNs, and build custom tooling to audit and map all actions performed to a user’s identity – all of which which is error-prone and increases the risk of breaches as the number of clusters grows.

ITechnology Cloud News: Keytos EZCA Now Available in the Microsoft Azure Marketplace

Along with helping directly manage role-based access control (RBAC) policies and assignments, Paralus enables:

  • Creation of custom roles, users, and groups
  • Dynamic and immediate changing and revoking of permissions
  • Ability to control access via pre-configured roles across clusters, namespaces, projects, and more
  • Seamless integration with Identity Providers (IdPs) allowing the use of external authentication engines for users and group definitions, such as GitHub, Google, Azure AD, Okta, and others
  • Automatic logging of all user actions performed for audit and compliance purposes
  • Flexible workflows with a modern web GUI, a CLI tool called pctl, and a Paralus API

“While Kuberentes is the de facto standard for container orchestration, companies have significant challenges related to securing this new, mission critical infrastructure. Rafay is leveraging its industry leadership and unmatched expertise in the Kubernetes arena to contribute this highly valuable asset to the community,” said Haseeb Budhani, CEO and co-founder of Rafay Systems. “Today, Paralus’ capabilities are the most widely used in the company’s Kubernetes Operations Platform offering, and has been battle tested by thousands of architects, developers, operations, and DevSecOps professionals at world-leading companies. We are excited to open source this technology, submit Paralus to the Cloud-Native Computing Foundation (CNCF), and assist the broader community in solving this critical access management issue that plagues Kubernetes deployments.”

ITechnology Cloud News: Acquia Partners with Workato to Power Enterprise Connectivity to Acquia CDP

[To share your insights with us, please write to sghosh@martechseries.com]

Related posts

Empire Merchants Selects 8×8 XCaaS for Enhanced Customer Communications and Engagement

Business Wire

Spirent Helps Jio Platforms Validate Cloud-Native 5G Core Network

CIO Influence News Desk

Riversand, A Syndigo Company, Announces Strategic Partnership with Nexer Group to Offer Cloud-Native Data Management Solutions for Digital Transformation

CIO Influence News Desk

Leave a Comment