CNCF [Cloud Native Computing Foundation]

Production Workload Identity with SPIRE

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Explore the implementation of secure workload identity in production environments using SPIRE in this conference talk from KubeCon + CloudNativeCon Europe 2022. Discover how SPIRE, a CNCF Incubating project, provides short-lived, automatically rotated identities for workloads based on the SPIFFE specification. Learn about the core design of SPIRE and its application in cloud-native architectures to enhance defense-in-depth. Gain insights into the journey of service organizations, from three-tier architectures to microservices, and understand the fundamentals of SPIFFE, including workload identity description, SPIFFE ID anatomy, and X.509-SVID structure. Delve into SPIRE's architecture, registration process, and workload attestation. Conclude with an overview of upcoming features that expand SPIRE's capabilities as a production identity platform and discover resources for further learning about SPIFFE and SPIRE.

Syllabus

Intro
Journey of a Services Organization
v1: Three-Tier Architecture
v2: Microservices Architecture
Where Do We Go from Here?
Workload Identity with SPIFFE
SPIFFE 101 Q: How does SPIFFE describe a workload identity?
Anatomy of a SPIFFE ID
Anatomy of an X.509-SVID
Anatomy of a JWT-SVID
Intro to SPIRE
SPIRE Architecture
A Day in the Life of an X.509-SVID
Anatomy of a SPIRE Registration
Workload Attestation
What We've Seen So Far
What's Coming Next in SPIRE
Learn More about SPIFFE/SPIRE

Taught by

CNCF [Cloud Native Computing Foundation]
