Enabling Autonomous Teams With Policy Enforcement at Yubico - James Alseth & John Reese, Yubico

less than 1 minute read

Abstract

In this talk, we will discuss the tools and processes created by Yubico to enable autonomous teams through policy. Initially, Kubernetes RBAC and peer reviews from our Platform team allowed teams to adopt Kubernetes for their services. However, we knew that a dependency on a single team was not a scalable solution. To give teams more autonomy over their services, and rely less on manual reviews, we began to enforce policies in our pipelines and clusters by leveraging the Open Policy Agent. The Open Policy Agent and its surrounding projects were the perfect fit for us; they are open source, flexible, performant, and have seen widespread adoption throughout the ecosystem. We’ll also discuss the tooling that was built that enabled us to test policies, automatically generate supporting documentation and audit how each policy is being used so that they can be safely promoted through our environments. Best of all? They are all open source!

Sched URL

Video

Twitter Facebook LinkedIn

About

Conferences

Enabling Autonomous Teams With Policy Enforcement at Yubico - James Alseth & John Reese, Yubico

Abstract

Video

You May Also Enjoy

You Shall Not Pass! Unless You Are GUAC Verified…. - Parth Patel, Kusari & Dejan Bosanac, Red Hat

Living off the Land Techniques in Managed Kubernetes Clusters - Ronen Shustin & Shay Berkovich, Wiz

Leveraging OCI 1.1 for Enhanced SBOM Integration and Vulnerability Scanning in Harbor - Anais Urlichs, Aqua Security & Shengwen Yu, VMware

Lessons Learned from Generating 100M SBOMs: Google’s Approach to SBOM Compliance - Brandon Lum & Isaac Hepworth, Google