This subsection describes the architecture of the IAM subsystem (Identity and Access Management) of Deckhouse Kubernetes Platform (DKP).
The IAM subsystem provides the following features in DKP:
- User authentication
- Role-based access control (RBAC)
- Multitenancy
- Automatic assignment of annotations and labels to namespaces
The IAM subsystem includes the following modules that implement the features described above:
user-authn: User authentication.user-authz: Role-based access control (RBAC).multitenancy-manager: Multitenancy.namespace-configurator: Automatic assignment of annotations and labels to namespaces.