I have some applications locked behind access, and I would like servers in my kubernetes cluster to access it. I have no control over application code, so adding service token at application level is not possible.
Is there any way to do this without modifying application code, perhaps adding a access proxy within my kubernetes cluster or are there any tooling that does this?
@ernest1 - Have you looked into bypass IPs? If your kubernetes cluster has a Public IP it uses you can add a bypass access policy
@allan.bernardo hey, thank you for your advice! I thought of that before, but there are multiple complications for this. My clusters are also virtual (they are re-created often, from different underlying clusters), so I would prefer a different method.
Service token will be insert as part of request headers, hence if you are able to place a proxy between your application in Kubernetes and Cloudflare Access, then I think you should be able to insert the request header which looks like this:
CF-Access-Client-Id: <Client ID>
CF-Access-Client-Secret: <Client Secret>