Authors: Eli Nesterov
2022-10-25

tldr - powered by Generative AI

The presentation discusses the keys to a successful SPIRE rollout in production, based on learnings from multiple successful production deployments and commonly asked questions in SPIFFE/SPIRE Slack channels.
  • Understand trust boundaries and how they map into SPIFFE trust domains
  • Consider how this mapping affects your PKI and where to store keys
  • Federation between independent SPIFFE systems can affect performance and bundle size
  • Investment into building your own system depends on how much you trust it
  • Consider architecture patterns, deployment models, logging, monitoring, security, availability, and performance topics when moving from proof of concept to production

Authors: Andrew Harding
2021-10-15

tldr - powered by Generative AI

The presentation discusses the use of SPIFFE/SPIRE for cross-cluster authentication in Kubernetes.
  • SPIFFE is a set of specifications for getting a cryptographic identity for workloads to authenticate with other workloads
  • SPIRE is a tool that implements SPIFFE specifications
  • Cross-cluster authentication is complicated, but can be solved with SPIFFE/SPIRE
  • The presentation includes a live coding and demo session to show how easy it is to use SPIFFE/SPIRE in Kubernetes workloads