Overview
Learn how Grafana Labs revolutionized their CI/CD pipeline security in this 29-minute conference talk from SREcon24 Europe/Middle East/Africa. Explore the journey from static secrets management to implementing OIDC-based access through GitHub Actions, creating a "secretless" system for cloud resource access. Discover practical strategies for developing shared jobs and abstractions that simplify secure access while maintaining robust security protocols. Gain insights from real-world challenges and lessons learned during implementation, including a detailed examination of security incidents and their resolutions. Master the techniques for transitioning to OIDC-based authentication that simultaneously enhances security measures and reduces operational complexity, benefiting both engineering teams and security requirements.
Syllabus
SREcon24 Europe/Middle East/Africa - I Can OIDC You Clearly Now: How We Made Static Credentials a...
Taught by
USENIX