OIDC and Workload Identity in Kubernetes - Ashutosh Kumar, Elastic & Anish Ramasekar, Microsoft

less than 1 minute read

Abstract

Traditionally, when applications running in Kubernetes pods need to access public cloud services, they would use service account credentials or other forms of authentication. Workload identity provides a convenient and secure way to manage access to Cloud (e.g. Google, Azure etc) resources from within Kubernetes by mapping the service account to the associated cloud provider service account. It eliminates the need for managing and distributing individual service account keys or credentials, improving the overall security posture of your applications. The speakers will walk through the concepts of workload identity on the following lines: (1) Explain how OpenID Connect is used to achieve workload identity and the authentication workflow for the same, (2) How to set up workload identity on public clouds for managed and unmanaged Kubernetes clusters for public clouds. They will also do a demo on how to set up workload identity with an example of Azure/Google public cloud.

Sched URL

Video

Twitter Facebook LinkedIn

About

Conferences

OIDC and Workload Identity in Kubernetes - Ashutosh Kumar, Elastic & Anish Ramasekar, Microsoft

Abstract

Video

You May Also Enjoy

You Shall Not Pass! Unless You Are GUAC Verified…. - Parth Patel, Kusari & Dejan Bosanac, Red Hat

Living off the Land Techniques in Managed Kubernetes Clusters - Ronen Shustin & Shay Berkovich, Wiz

Leveraging OCI 1.1 for Enhanced SBOM Integration and Vulnerability Scanning in Harbor - Anais Urlichs, Aqua Security & Shengwen Yu, VMware

Lessons Learned from Generating 100M SBOMs: Google’s Approach to SBOM Compliance - Brandon Lum & Isaac Hepworth, Google