Video
Video
[CNCF Hosted] Expanding the Capabilities of Kubernetes Access Control
[CNCF Hosted] Expanding the Capabilities of Kubernetes Access Control
This talk occurred at KubeCon SLC, 2024 Kubernetes RBAC is an effective way of managing ACLs in one cluster. However, there are many other effective paradigms out there, such as Attribute- & Relation-based Access Control. In this talk, we’ll demystify how these differ, and when to use respective paradigms, giving context and guidance. We’ll highlight how Kubernetes access control has recently evolved towards supporting lots of different use-cases. We take this opportunity to cover multiple perspectives: security within a single cluster (zooming in) and security within real-life production environments with external services and multiple clusters (zooming out). As containers became ubiquitous first with excellent tools like Docker, we believe the same can and will happen for access control, yielding uniform, interoperable and understandable authorization. Finally, we'll propose future work that could be done to supercharge Kubernetes and ensure it keeps up with the ever increasing security requirements in our industry.
This talk occurred at KubeCon SLC, 2024 Kubernetes RBAC is an effective way of managing ACLs in one cluster. However, there are many other effective paradigms out there, such as Attribute- & Relation-based Access Control. In this talk, we’ll demystify how these differ, and when to use respective paradigms, giving context and guidance. We’ll highlight how Kubernetes access control has recently evolved towards supporting lots of different use-cases. We take this opportunity to cover multiple perspectives: security within a single cluster (zooming in) and security within real-life production environments with external services and multiple clusters (zooming out). As containers became ubiquitous first with excellent tools like Docker, we believe the same can and will happen for access control, yielding uniform, interoperable and understandable authorization. Finally, we'll propose future work that could be done to supercharge Kubernetes and ensure it keeps up with the ever increasing security requirements in our industry.
[CNCF Hosted] Expanding the Capabilities of Kubernetes Access Control
Who you got infrastructure from and how you build applications for it has changed. Now more than ever, customers are utilizing best-in-class infrastructure from the vendors of their choice.
Subscribe to the Upbound Newsletter
[CNCF Hosted] Expanding the Capabilities of Kubernetes Access Control
Who you got infrastructure from and how you build applications for it has changed. Now more than ever, customers are utilizing best-in-class infrastructure from the vendors of their choice.
Subscribe to the Upbound Newsletter
[CNCF Hosted] Expanding the Capabilities of Kubernetes Access Control
Who you got infrastructure from and how you build applications for it has changed. Now more than ever, customers are utilizing best-in-class infrastructure from the vendors of their choice.
Subscribe to the Upbound Newsletter
Trusted by Over 1,000+ Teams at Leading Companies
Trusted by Over 1,000+ Teams at Leading Companies
Trusted by Over 1,000+ Teams at Leading Companies
Get Started with Upbound Crossplane 2.0
Trusted by 1,000+ organizations and downloaded over 100 million times.
Get Started with Upbound Crossplane 2.0
Trusted by 1,000+ organizations and downloaded over 100 million times.
Get Started with Upbound Crossplane 2.0
Trusted by 1,000+ organizations and downloaded over 100 million times.
