HashiCorp User Group Bangalore Meetup #1: Powering the Multi-Cloud Era


Alternatives for IDP 

(1) https://github.com/JanssenProject/jans  https://github.com/JanssenProject/jans/tree/main/jans-keycloak-link   https://imshakil.medium.com/janssen-mod-auth-openidc-module-to-test-openid-connect-single-sign-on-s…  It is by Gluu.

(2) Vault itself supports OIDC: https://developer.hashicorp.com/vault/docs/secrets/identity/oidc-provider    https://brian-candler.medium.com/using-vault-as-an-openid-connect-identity-provider-ee0aaef2bba2

SQL++ is for JSON data. https://www.couchbase.com/sqlplusplus/

https://techmilap.com/ is a free website for hosting events.

Vault can provide dynamic, temporary secrets for each identity a consumer uses to access data, so later on we can audit who has accessed the data. In our case, pods use a ServiceAccount (SA), so we get a dynamic secret per ServiceAccount. That means we cannot audit which pod accessed the data; we can only audit which ServiceAccount accessed it. The dynamic secret is short-lived, so it cannot be used again. The SA can be used as many times as we want.
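As an added illustration (not from the talk or from Vault's own code), the example below groups constructed, simplified Vault audit-log entries by the Kubernetes auth metadata fields `service_account_name` and `service_account_namespace`; the ServiceAccount names and `database/creds/...` role paths are sample values. The two `orders-sa` entries are assumed to come from different pods, yet the attribution stops at the ServiceAccount.

```python
import json
from collections import defaultdict

# Constructed, simplified audit entries (one JSON object per line). Real
# entries carry many more fields; all names and paths here are sample values.
SAMPLE_AUDIT_LOG = "\n".join([
    '{"type":"response","time":"2024-01-01T10:00:00Z","auth":{"metadata":{"service_account_name":"orders-sa","service_account_namespace":"shop"}},"request":{"path":"database/creds/orders-ro"}}',
    '{"type":"response","time":"2024-01-01T10:00:05Z","auth":{"metadata":{"service_account_name":"orders-sa","service_account_namespace":"shop"}},"request":{"path":"database/creds/orders-ro"}}',
    '{"type":"request","time":"2024-01-01T10:01:00Z","auth":{"metadata":{"service_account_name":"billing-sa","service_account_namespace":"shop"}},"request":{"path":"database/creds/billing-rw"}}',
    '{"type":"response","time":"2024-01-01T10:01:00Z","auth":{"metadata":{"service_account_name":"billing-sa","service_account_namespace":"shop"}},"request":{"path":"database/creds/billing-rw"}}',
    '{"type":"response","time":"2024-01-01T10:02:00Z","auth":{"metadata":{"username":"alice"}},"request":{"path":"database/creds/orders-ro"}}',
    'not-json garbage line',
])


def credential_requests_by_sa(log_text, path_prefix="database/creds/"):
    """Group dynamic-secret requests by (namespace, ServiceAccount)."""
    grouped = defaultdict(list)
    for line in log_text.splitlines():
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or corrupt lines
        if not isinstance(entry, dict) or entry.get("type") != "response":
            continue  # each call is logged as request + response; count once
        path = (entry.get("request") or {}).get("path", "")
        meta = (entry.get("auth") or {}).get("metadata") or {}
        sa = meta.get("service_account_name")
        ns = meta.get("service_account_namespace")
        if not path.startswith(path_prefix) or not sa or not ns:
            continue  # other paths, or not a Kubernetes-authenticated caller
        grouped[(ns, sa)].append((entry.get("time"), path))
    return dict(grouped)


if __name__ == "__main__":
    for (ns, sa), hits in credential_requests_by_sa(SAMPLE_AUDIT_LOG).items():
        print(f"{ns}/{sa}: {len(hits)} credential request(s)")
        for when, path in hits:
            print(f"  {when}  {path}")
```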

Vault secures data in transit with TLS and another encryption method called "encryption as a service".

In Terraform, the state file is the most confidential.

Nomad is an alternative to K8s. It can also manage VMs using the QEMU driver. Consul is used for networking and services. Fabio is for ingress and load balancing in Nomad.
