Security: Identity Management, RBAC, Authentication and Authorization

Show Notes

Show: 15

Show Overview: Brian and Tyler continue their focus on Security with Marc Boorshtein (@mlbiam, CTO of @tremolosecurity), discussing Identity Management, Container and Kubernetes Authorization and Authentication, RBAC, and how IT teams evolve to manage security in more agile environments.
 
Show Notes:

• PodCTL #14 - Security: Hosts, Registries, Content and Pipelines
• [Video] Identity Management and Compliance
• [Video] DevOps Identity Management
• [Website] Tremolo Security
• 10 Layers of Container Security
• Open Source k8s SSO project
• Open Source OpenShift Identity Manager project

Topic 1 - Let’s talk about User authentication in Kubernetes>

• Certificate Authentication 
• OpenID Connect 
• Reverse Proxy

Topic 2 - Let’s dig into the various types of Authorizations

• Overview of RBAC (Role-Based Access Control)
•  Mapping of Roles to Users and Groups 
• Organizational Challenges

Topic 3 - Given that various people (Devs & Ops) interact with dashboards, how do we manage that Authentication?

Topic 4 - How are organizations evolving to keep up with this more agile form of software development and the associated security challenges?

Feedback?

• Email: PodCTL at gmail dot com
• Twitter: @PodCTL 
• Web: http://podctl.com