Explore how to establish trust and protect the integrity of Kubernetes resources in this conference talk. Learn to use Sigstore for signing YAML definitions and Kyverno for verifying resources during admission controls. Discover real-world use cases for resource signing, including tamper-prevention and approval workflows, utilizing open-source tools like Cosign and Kyverno. Gain insights into Kubernetes' powerful declarative configuration management system and how to enhance its security. Presented by Jim Bugwadia from Nirmata and Yuji Watanabe from IBM Research, this 22-minute talk offers valuable knowledge for developers and end-users working with Kubernetes and other CNCF-hosted projects.
Securing Kubernetes Manifests with Sigstore and Kyverno
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
Securing Kubernetes Manifests with Sigstore and Kyverno - Jim Bugwadia, Nirmata & Yuji Watanabe
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
Protecting Kubernetes Resource Manifests in End-to-End Software Development Lifecycle
-
Kubernetes Policy as Code with Kyverno
-
Secure Kubernetes Manifests with Cosign and Kyverno
-
Certified Kubernetes Application Developer: Application Environment, Configuration, and Security
-
Kubernetes Policy Time Machine - Navigating Policy Options and Future Directions
-
Securing Kubernetes Manifests with Sigstore Cosign - Options and Best Practices
