Throw Away Your Passwords: Trusting Workload Identity - Ric Featherstone ControlPlane

Dont miss out! Join us at our upcoming hybrid event: KubeCon CloudNativeCon North America 2022 from October 24-28 in Detroit and online!.
Learn more at The conference features presentations from developers and end users of Kubernetes Prometheus Envoy and all of the other CNCF-hosted projects. Throw Away Your Passwords: Trusting Workload Identity - Ric Featherstone ControlPlane Trust is required to secure our systems: we need it to bootstrap infrastructure to run workloads and to reassure our customers of their privacy.
But how do we establish and secure this trust in a dynamic cloud native system? Historically we relied upon identifiers such as IP addresses passwords and certificates but can we do better than these antiquated authentication mechanisms? In this talk we: Demystify machine identity and its relationship to secrets management and access control Discuss the issues with historical approaches in a cloud native environment Solve the bottom turtle trust bootstrap quandary Appraise the open source implementations and technologies available to you Demonstrate practical examples of how to acquire a workload identity or secret zero Strive for a world in which passwords and static keys are replaced by dynamic credentials and hardware roots of trust

Источник: rutube.ru