Set up GKE Identity Service for individual clusters
This document is for cluster administrators or application operators who want to set up GKE Identity Service on individual clusters, allowing developers and other users to log in to the clusters using their existing identity details from identity providers.
Before you begin
- Ensure that your platform administrator has given you all the necessary information to register GKE Identity Service with your identity provider.
- Ensure that you have the following command line tools installed:
  - Use the 474.0.0 version of the Google Cloud CLI or higher, which includes gcloud, the command line tool for interacting with Google Cloud. If you need to install the Google Cloud CLI, see the installation guide.
  - Use the 474.0.0 version of the Google Cloud CLI or higher, which includes kubectl for running commands against Kubernetes clusters. If you need to install kubectl, follow these instructions.

  If you are using Cloud Shell as your shell environment for interacting with Google Cloud, these tools are installed for you.
- Ensure that you have initialized the gcloud CLI for use with the project where the clusters are registered.
Set up individual clusters based on your configured provider
Based on the identity provider configured, you can set up GKE Identity Service for individual clusters in one of the following ways:
- Set up clusters for GKE Identity Service with OIDC
- Set up clusters for GKE Identity Service with SAML
- Set up clusters for GKE Identity Service with LDAP