Explore the implementation of Zero Trust principles in Kubernetes workload identity through this informative conference talk. Delve into the challenges of traditional authorization methods using passwords and secret keys, and discover a simpler solution that ties authorization directly to the workload's identity. Learn about SIFFE (the specification) and Spire (the implementation) as tools for achieving Zero Trust systems. Gain insights into implementing explicit authorization between services across a service mesh in Kubernetes using workload identity. Examine centralized policy enforcement techniques and explore integrations with emerging projects like Keylime for hardware attestation-based identity and Sigstore for identity during software builds. Understand how this approach can enhance security, simplify deployment, and reduce the risk of breaches in Kubernetes environments.
Overview
Syllabus
Zero Trust Workload Identity in Kubernetes - Michael Peters, Red Hat
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
Introduction to Zero Trust
-
Microsoft Security, Compliance, and Identity Fundamentals: Describe the concepts of security, compliance, and identity
-
Production Workload Identity with SPIRE
-
Demystifying and Enabling Workload Identity Across the Cloud Native Ecosystem
-
Zero Trust Supply Chains with Project Sigstore and SPIFFE
-
The Evolution of Zero-Trust Techniques with Workload-Level Identity
