allArticles Conferences Presentations

Destroying Long-Lived Cloud Credentials with Workload Identity Federation

Conference: RSA Conference 2023

2023-04-24

Authors: Eric Johnson

Abstract

Attackers have been breaching the cloud for years by stealing long-lived credentials. To combat these attacks, cloud providers have been building improved authentication workflows for external identity providers. This technical session will explore Workload Identity Federation and how to replace long-lived cloud credentials with short-lived tokens signed by an OpenID Connect identity provider.

Materials:

Tags:

Post a comment

Related work

Who Are You? I Really Want to Know… the Magic Behind OIDC

Conference: Cloud Native SecurityCon North America 2023

Authors: Eddie Zaneski

🦝 Secure the Build, Secure the Cloud: Using OIDC Tokens in CI/CD Pipelines

Conference: KubeCon + CloudNativeCon Europe 2023

Authors: Alex Ilgayev, Elad Pticha

2023-04-21

Why Machines Deserve Rights: Rethinking Automated Infrastructure Access with OSS Teleport Machine ID

Conference: Cloud Native SecurityCon North America 2022

Authors: Kenneth DuMez

2022-10-24

Multi-Cloud Workload Identity With SPIFFE

Conference: KubeCon + CloudNativeCon Europe 2022

Authors: Charlie Egan, Jake Sanders

2022-05-20

From the Cluster to the Cloud: Lateral Movements in Kubernetes

Conference: Cloud Native SecurityCon North America 2023

Authors: Yossi Weizman, Ram Pliskin

Production Workload Identity with SPIRE

Conference: KubeCon + CloudNativeCon North America 2021

Authors: Ryan Turner

2021-10-15