Sections in this category

User Management - SSO/SAML/RBAC*

*Note that SSO and RBAC capabilities are only included with a Kubecost Enterprise Subscription.

Kubecost supports access control/Single Sign On (SSO) with SAML 2.0. Kubecost works with most identity providers including Okta, Auth0, AzureAD, PingID, and KeyCloak.

High-level access control options:

  • User authentication SSO provides a simple mechanism to restrict application access internally and externally
  • Custom access roles Limit users based on attributes or group membership to view a set of namespaces, labels, cluster, or other aggregations
  • Pre-defined user roles
    • admin: full control with permissions to manage users, configure model inputs, and application settings.
    • readonly: user role with read-only permission


Setup guide: https://github.com/kubecost/poc-common-configurations/tree/main/saml-okta

Additional troubleshooting guide

Contact us via email (support@kubecost.com) or join us on Slack if you have questions!

Edit this doc on GitHub