Securing Kubernetes Secrets (Cloud Next '19)
Secrets are a key pillar of Kubernetes’ security model, used internally (e.g. service accounts) and by users (e.g. API keys), but did you know they are stored in plaintext? That’s right, by default all Kubernetes secrets are base64 encoded and stored as plaintext in etcd. Anyone with access to the etcd cluster has access to all your Kubernetes secrets.
Thankfully there are better ways. This lecture provides an overview of different techniques for more securely managing secrets in Kubernetes, including secrets encryption, KMS plugins, and tools like HashiCorp Vault. Attendees will learn the trade-offs of each approach to make better decisions on how to secure their Kubernetes clusters.
Securing Kubernetes Secrets → http://bit.ly/2TYdHiS
Application-layer Secrets Encryption → http://bit.ly/2Uhn7v7
Watch more:
Next '19 Hybrid Cloud Sessions here → https://bit.ly/Next19HybridCloud
Next ‘19 All Sessions playlist → https://bit.ly/Next19AllSessions
Subscribe to the GCP Channel → https://bit.ly/GCloudPlatform
Speaker(s): Seth Vargo, Alexandr Tcherniakhovski
Session ID: HYB200
product:Kubernetes Engine,Cloud KMS; fullname:Alexandr Tcherniakhovski,Seth Vargo; event: Google Cloud Next 2019; re_ty: Publish; product: Cloud - Containers - Google Kubernetes Engine (GKE); fullname: Seth Vargo;
Видео Securing Kubernetes Secrets (Cloud Next '19) канала Google Cloud Tech
Thankfully there are better ways. This lecture provides an overview of different techniques for more securely managing secrets in Kubernetes, including secrets encryption, KMS plugins, and tools like HashiCorp Vault. Attendees will learn the trade-offs of each approach to make better decisions on how to secure their Kubernetes clusters.
Securing Kubernetes Secrets → http://bit.ly/2TYdHiS
Application-layer Secrets Encryption → http://bit.ly/2Uhn7v7
Watch more:
Next '19 Hybrid Cloud Sessions here → https://bit.ly/Next19HybridCloud
Next ‘19 All Sessions playlist → https://bit.ly/Next19AllSessions
Subscribe to the GCP Channel → https://bit.ly/GCloudPlatform
Speaker(s): Seth Vargo, Alexandr Tcherniakhovski
Session ID: HYB200
product:Kubernetes Engine,Cloud KMS; fullname:Alexandr Tcherniakhovski,Seth Vargo; event: Google Cloud Next 2019; re_ty: Publish; product: Cloud - Containers - Google Kubernetes Engine (GKE); fullname: Seth Vargo;
Видео Securing Kubernetes Secrets (Cloud Next '19) канала Google Cloud Tech
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Kubernetes Security Best Practices - Ian Lewis, Google
Secrets in Kubernetes | Coupon: UDEMYNOV20 | Udemy: Kubernetes Made Easy | Kubernetes Tutorial
Base64 is not encryption A better story for Kubernetes Secrets
Kubernetes Secret Management Explained
Kubernetes Security Best Practices 2021 (From Container Specialist)
Kubernetes Secrets in 5 Minutes!
Deep Dive: Flux the GitOps Operator for Kubernetes - Stefan Prodan, Weaveworks
Seccomp Security Profiles and You: A Practical Guide - Duffie Cooley, VMware![[ Kube 14 ] Using Secrets in Kubernetes](https://i.ytimg.com/vi/ch9YlQZ4xTc/default.jpg)
[ Kube 14 ] Using Secrets in Kubernetes
Bitnami Sealed Secrets - How To Store Kubernetes Secrets In Git Repositories
Cloud Security Command Center: Control of Your Vulnerabilities on GCP (Cloud Next '18)
Deploying Spring Boot in Kubernetes | Google Kubernetes Engine | K8s Primers | Tech Primers
Introduction to HashiCorp Vault on Kubernetes for beginners
Kubernetes Operators Explained
Organizing the YAML mess with Kustomize - Florian Assmus![Hacking and Hardening Kubernetes Clusters by Example [I] - Brad Geesaman, Symantec](https://i.ytimg.com/vi/vTgQLzeBfRU/default.jpg)
Hacking and Hardening Kubernetes Clusters by Example [I] - Brad Geesaman, Symantec
Scalable and Manageable: A Deep-Dive Into GKE Networking Best Practices (Cloud Next '19)
Google Cloud Translate API with DotNet | Google Cloud Translate API | Google.Cloud.Translation.V2
How to easily Continuous Deployment with Cloud Run