Effective RBAC - Jordan Liggitt, Red Hat
Vložit
- čas přidán 7. 07. 2024
- Effective RBAC - Jordan Liggitt, Red Hat
The v1 release of role-based access control (RBAC) in Kubernetes 1.8 provides a flexible way to ensure users and applications have proper access to the Kubernetes API. This talk is for administrators who want to secure their clusters, and for anyone who wants their applications to integrate easily in RBAC-enabled environments. This talk will give an overview of the RBAC design and API, explain how to set up an RBAC-enabled cluster, demonstrate applying policies to existing applications, show how to create custom roles to distribute with applications, and answer the question "Can Bob educate dolphins?"
About Jordan Liggitt
Jordan Liggitt is a principal software engineer at Red Hat, and helps lead Kubernetes authentication and authorization efforts.
Join us for KubeCon + CloudNativeCon in Barcelona May 20 - 23, Shanghai June 24 - 26, and San Diego November 18 - 21! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy and all of the other CNCF-hosted projects.
This is one of the clearest RBAC explanations I've seen. Thanks.
Great talk!!! Clear and fun to watch. audit2rbac is so awesome. :) Thank you!!!!
Dude ... rebuilt my local kube cluster just to test this and it freaking works ... awesome both the talk and audit2rbac ... THANKS !
Great talk. Very clear, thanks.
Very clear explanation. Thank you sir!
Great presentation!
Wonderful!!
Great talk
Thanks
awesome
Superb.
Great talk and a very watchable, if not disarming speaker; I'm not sure however I would have allowed the title of the talk to be "Effective" RBAC, as it's not exactly about "effective" rbac in the sense of rbac, it's about "effective" in the sense of automation, which is definitely not what I thought this talk was going to be about. The first half is simply a nice, gentle breakdown of k8s rbac scopes, effectively; and then the second half is him demoing a tool that builds roles for you. And while it's nice that the roles are naturally hardened as they are all automatically scoped via API call scope (which is great), the talk has *nothing* to do with organizing RBAC to meet various user needs and offers no generalized models for admins trying to role out, well...effective RBAC.
Nice presentation, can you please post the slides?
good representation, however, please remove distorting effect from the representation box. a rectangle is better than a trapezium :)
50 DKP minus for pre recorded demo
Down voters are experts
isbit.mx
slides: github.com/sbueringer/kubecon-slides/blob/master/slides/2017-kubecon-na/Effective%20RBAC%20-%20Jordan%20Liggitt%2C%20Red%20Hat%20-%20Effective%20RBAC.pdf