Securing Kubernetes presented at BSidesSanFrancisco 2017

by Jesse Endahl,

Summary : The talk will begin with an overview of Kubernetes concepts and individual components. Next, I will walk through how authentication and authorization work in Kubernetes. Finally, I will explain how Hashicorp Vault’s PKI backend can be used to issue certificates for Kubernetes transport security and authentication, and assist with authorization (by embedding group membership information within client certificates).