Authors: Jeremy Rickard
2023-04-20

tldr - powered by Generative AI

The presentation discusses the challenges of producing software bills of materials (SBOMs) and the use of Gatekeeper and external data to enforce policies in Kubernetes clusters.
  • Producing SBOMs for Windows is a complex task that requires new tools and frameworks.
  • Automation is necessary to make SBOMs useful and enforce policies in clusters.
  • Gatekeeper, based on Open Policy Agent, can be used with external data providers to enforce policies in Kubernetes clusters.
  • OCI 1.1's referrers API allows for the association of SBOMs and signatures with images in registries.

Authors: Tim Allclair, Sam Stoelinga
2022-10-27

tldr - powered by Generative AI

The presentation discusses the migration from Pod Security Policy (PSP) to Pod Security Admission (PSA) in Kubernetes and the limitations of PSA.
  • PSA is a simpler and more secure way to manage pod security in Kubernetes.
  • PSA is built into Kubernetes and guarantees that any new features added to Kubernetes will be constrained by PSA.
  • The PSP Migrator tool can be used to detect and migrate from PSP to PSA.
  • PSA has limitations, such as being controlled through namespace labels and a lack of customization.