-
Type: Task
-
Resolution: Unresolved
-
Priority: Unknown
-
None
-
Component/s: Authentication
-
None
Summary
Drivers will add a "k8s" implementation of an OIDC_CALLBACK that handles AWS EKS, GCP GKE, and Azure AKS.
Motivation
End users want to directly use tokens provided by the Kubernetes Service Account to authenticate to MongoDB.
Notes
We can use the same test procedure for all three environments, by deploying a debian-based pod and pushing the driver
test files to the pod. The callback will look for the presence of environment variables to determine the correct local
path for the token file.
Acceptance Criteria
Drivers add a "k8s" callback and test against all three environments.
- depends on
-
SERVER-92329 Support issuers with trailing slashes in OIDC
- Closed
- is related to
-
DRIVERS-2415 Implement OIDC SASL mechanism
- In Progress
- related to
-
DRIVERS-2945 Support for AWS EKS Pod Identity
- Backlog
- split to
-
CDRIVER-5528 Add Kubernetes Support for OIDC
- Backlog
-
CXX-3000 Add Kubernetes Support for OIDC
- Backlog
-
MOTOR-1293 Add Kubernetes Support for OIDC
- Backlog
-
RUBY-3437 Add Kubernetes Support for OIDC
- Backlog
-
RUST-1905 Add Kubernetes Support for OIDC
- Backlog
-
PHPC-2479 Add Kubernetes Support for OIDC
- Blocked
-
GODRIVER-3175 Add Kubernetes Support for OIDC
- Ready for Work
-
JAVA-5405 Add Kubernetes Support for OIDC
- In Progress
-
CSHARP-5026 Add Kubernetes Support for OIDC
- Closed
-
NODE-6069 Add Kubernetes Support for OIDC
- Closed
-
PYTHON-4330 Add Kubernetes Support for OIDC
- Closed