Managing sensitive resources is a fact of life for any developer﹘whether it be credentials for users, access to data sources, or application programming interface (API) keys and tokens. When using Kubernetes as a development and deployment platform, being able to handle these concerns are just as important as the applications themselves. However, the native primitives provided by Kubernetes do not offer the level of protection that many would require from a security perspective. In this session, learn about the various tools and approaches that are available to properly manage sensitive assets when working in a Kubernetes environment, including each of the tradeoffs that need to be considered with each approach. While there is no single solution that can apply to every situation, the strategies discussed can be used to not only raise awareness to the concerns that need to be examined, but to aid in the design of a more robust security posture for working with Kubernetes.
Presenters:
Rob Sedor - Chief Architect, Application Development, Red Hat
Jeremy Davis - Chief Architect, Application Development, Red Hat
Andrew Block - Distinguished Architect, Red Hat