Skip to content

Add optional host to KubernetesServiceConnection #2469

New issue
New issue
Open
Open
Add optional host to KubernetesServiceConnection#2469
Labels
kind/featureCategorizes issue or PR as related to a new feature.
@aberenda-optifino

Description

@aberenda-optifino
aberenda-optifino
opened on Nov 12, 2025

What is the feature and why do you need it:

I’m running Authentik with Istio, and I’ve configured Istio to block all outbound traffic from Authentik except explicitly allowed destinations. However, the outpost_service_connection_monitor component connects to the Kubernetes API using an IP address by default, which makes it difficult to configure Istio rules.

If the KubernetesServiceConnection class provided an optional host field that could be used like this:

config.host = connection.host

it would allow the use of a hostname such as https://kubernetes.default.svc, making it much easier to configure Istio to permit access to the Kubernetes API.

Describe the solution you'd like to see:

Add an optional host field to KubernetesServiceConnection and use it to override the default API endpoint when initializing the Kubernetes client.

Metadata

Metadata

Assignees

No one assigned

    Labels

    kind/featureCategorizes issue or PR as related to a new feature.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions