SIG Auth Update and Deep Dive
This session will cover the inner workings of SIG Auth and its sub projects. The SIG is looking to expand contributors and attending this session is a great way to get involved. An update of the SIG's …
| Talk Title | SIG Auth Update and Deep Dive |
| Speakers | Mike Danese (Software Engineer, Google), Tim Allclair (Google, Software Engineer), Mo Khan (Software Engineer, VMware) |
| Conference | KubeCon + CloudNativeCon North America |
| Conf Tag | |
| Location | San Diego, CA, USA |
| Date | Nov 15-21, 2019 |
| URL | Talk Page |
| Slides | Talk Slides |
| Video | |
This session will cover the inner workings of SIG Auth and its sub projects. The SIG is looking to expand contributors and attending this session is a great way to get involved. An update of the SIG’s activities in the last six months will be provided. Based on community feedback, three deep dive topics will be covered: 1. The future of pod security policies Various limitations and structural problems have prevented the PSP API from GA. Possible paths forward will be explored. 2. Open Policy Agent and Gatekeeper Gatekeeper is an early stage project that aims to support policy enforcement via a Kubernetes style, custom resource definition based API. 3. Bound service account tokens, audiences and the future of container identity Asserting identity of Kubernetes workloads to external components is an essential part of access control. Bound SA tokens make this task easier and more secure.
