Session: Building Secure Kubernetes Clusters with Identity Management

What goes into building a secure Kubernetes cluster? Most of the reading you’ll find focuses on TLS and container design. An area that is often overlooked is identity management. Who’s accessing the cluster? Why do they need access? Do they still need access? Are they accessing the cluster using the correct credentials? In this class we’ll build a Kubernetes cluster with identity management as the primary focus. You’ll learn how to:

  • Integrate a running cluster with OpenID Connect
  • Automate the creation of network and pod security policies
  • Lock down access to the Kubernetes dashboard
  • Build and debug RBAC policies, as well as automate them

In addition to locking down your cluster, we’ll explore how identity interacts with your pipeline and container registry strategies. By the time you’re done with this class you’ll have seen how identity and automation play a crucial role in securing your clusters.

This class is not an introduction to Kubernetes. It is highly recommended to have some familiarity with Kubernetes prior to this workshop. Attendees should plan to bring a laptop with an SSH client and browser. Having the local kubectl utilities is a bonus. All other lab materials will be provided.

Please note, this workshop is limited to 100 attendees.

Presenters: