SPIFFE: Universal X509 and JWT Identities Using cert-manager
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Learn how to implement SPIFFE (Secure Production Identity Framework for Everyone) using cert-manager in this technical conference talk. Discover a simplified approach to assigning universal identities to workloads in distributed systems without the complexity of SPIRE's StatefulSets deployment. Explore how to leverage Cloud Native cert-manager for implementing both X509 and JWT SPIFFE identities with minimal operational overhead in Kubernetes environments. Master the essentials of issuing, using, and validating X.509 SVIDs, while examining an experimental solution for converting X509 SVIDs to JWT SVIDs. Follow along with practical demonstrations showing how to authenticate to major cloud providers' APIs including AWS, GCP, and Azure using JWT SVIDs, all while avoiding vendor lock-in typically associated with turnkey SPIFFE solutions.
Syllabus
SPIFFE the Easy Way: Universal X509 and JWT Identities Using cert-manag... Tim Ramlot & Ashley Davis
Taught by
CNCF [Cloud Native Computing Foundation]