PodCTL - Enterprise Kubernetes

Security: Identity Management, RBAC, Authentication and Authorization

November 13, 2017 Brian Gracely & Tyler Britten
PodCTL - Enterprise Kubernetes
Security: Identity Management, RBAC, Authentication and Authorization
Show Notes

Show: 15

Show Overview: Brian and Tyler continue their focus on Security with Marc Boorshtein (@mlbiam, CTO of @tremolosecurity), discussing Identity Management, Container and Kubernetes Authorization and Authentication, RBAC, and how IT teams evolve to manage security in more agile environments.
 
Show Notes:

Topic 1 - Let’s talk about User authentication in Kubernetes>

  • Certificate Authentication 
  • OpenID Connect 
  • Reverse Proxy

Topic 2 - Let’s dig into the various types of Authorizations

  • Overview of RBAC (Role-Based Access Control)
  •  Mapping of Roles to Users and Groups 
  • Organizational Challenges

Topic 3 - Given that various people (Devs & Ops) interact with dashboards, how do we manage that Authentication?

Topic 4 - How are organizations evolving to keep up with this more agile form of software development and the associated security challenges?

Feedback?