Authors: Leigh Capili
2022-10-27

tldr - powered by Generative AI

The presentation discusses the basics of Kubernetes Role-Based Access Control (RBAC) and how it can be used to create a flexible system that allows teams to work together in deploying cloud-native apps.
  • Kubernetes is an operating system that turns servers or cloud data centers into one big computer
  • RBAC is the authorization part of the API that lets teams share and block off parts of the computer to run the system
  • The presentation covers RBAC basics, identity details, common misunderstandings, RBAC's limitations, auditing, and useful patterns for real-world implementations
  • RBAC's subjects are users, groups, and apps
  • The presentation includes a performance art piece and live demos to illustrate the points discussed
Conference:  CloudOpen 2022
Authors: Andrew Martin
2022-06-21

tldr - powered by Generative AI

The presentation discusses the concept of workload identity and its importance in securing cloud native systems. It explores the limitations of traditional authentication mechanisms and proposes the use of dynamic credentials and hardware roots of trust.
  • Historically, identifiers such as IP addresses, passwords, and certificates were used for authentication, but they are no longer effective in dynamic cloud native systems.
  • Workload identity is a way for workloads to prove their identity without the need for a secret.
  • A trusted third party is needed to issue identities, and identity documents should be short-lived and verifiable through cryptography.
  • TPMs, Keylime, and trusted execution environments can provide stronger guarantees of identity and integrity.
  • SPIRE and SPIFFE are useful tools for managing workload identity in more complex environments.