Presented at
BSidesSF 2017,
Feb. 13, 2017, 2:10 p.m.
(30 minutes).
The talk will begin with an overview of Kubernetes concepts and individual components. Next, I will walk through how authentication and authorization work in Kubernetes. Finally, I will explain how Hashicorp Vault's PKI backend can be used to issue certificates for Kubernetes transport security and authentication, and assist with authorization (by embedding group membership information within client certificates).
Presenters:
-
Jesse Endahl
- CSO & CPO - Fleetsmith
Jesse is co-founder, CPO, and CSO at Fleetsmith. He previously worked at Dropbox, where he spent a year as an IT Engineer and two and a half years as an Infrastructure Security Engineer. Prior to Dropbox, he was the IT Manager at C&T Publishing, a publishing house in the Bay Area. Jesse cut his teeth on all things Apple early in his career, working as a Genius at the Apple Store during college. He studied Political Economy & Urbanization at the University of California, Berkeley, and is a classically trained vocalist.
Links:
Similar Presentations: