Dates
Conferences
Tags
Sort by:
Most recent
Conference: KubeCon + CloudNativeCon Europe 2023
Authors: Jeremy Rickard
2023-04-20
tldr - powered by Generative AI
The presentation discusses the challenges of producing software bills of materials (S-BOMs) and the use of gatekeeper and external data to enforce policies in Kubernetes clusters.
- Producing S-BOMs for Windows is a complex task that requires new tools and frameworks.
- Automation is necessary to make S-BOMs useful and enforce policies in clusters.
- Gatekeeper, based on Open Policy Agent, can be used with external data providers to enforce policies in Kubernetes clusters.
- OCI 1.1's refers API allows for the association of S-BOMs and signatures with images in registries.
Conference: KubeCon + CloudNativeCon North America 2022
Authors: Tim Allclair, Sam Stoelinga
2022-10-27
tldr - powered by Generative AI
The presentation discusses the migration from Pod Security Policy (PSP) to Pod Security Admission (PSA) in Kubernetes and the limitations of PSA.
- PSA is a simpler and more secure way to manage pod security in Kubernetes
- PSA is built into Kubernetes and guarantees that any new features added to Kubernetes will be constrained by PSA
- The PSP Migrator tool can be used to detect and migrate from PSP to PSA
- PSA has limitations such as using namespace labels to control it and lack of customization