feat(cli): Add token authentication support for connect kube helper #6333

Kaldei · 2026-01-14T07:33:48Z

Description

Adds support for consuming password-type credentials when connecting to Kubernetes targets using boundary connect kube helper command.

When a password credential is brokered through Boundary, the command will now pass it as a bearer token to kubectl using the --token flag.

Tested with both Static and Vault credential stores against an actual Kubernetes cluster.

I have documented a clear reason for, and description of, the change I am making.
If applicable, I've documented a plan to revert these changes if they require more than reverting the pull request.
If applicable, I've documented the impact of any changes to security controls.
Examples of changes to security controls include using new access control methods, adding or removing logging pipelines, etc.

Reason for change: Enable connect kube helper to authenticate to Kubernetes clusters using credentials brokered.

Revert plan: Can be fully reverted by reverting this PR.

Security control impact: No changes to security controls. Follows existing pattern from other connect commands (SSH, Postgres, Redis).

feat(cli): Add token authentication support for connect kube helper

5796ffd

Kaldei requested a review from a team as a code owner January 14, 2026 07:33

github-actions bot added the core label Jan 14, 2026