Session Name: I Am Cluster-admin, Destroyer of Everything You Hold Dear
You have a collection of clusters that you manage, you need to know how to get everyone connected. Its easiest to just share your kubeconfig with the rest of the company, but that opens everyone up to a world of hurt. Sometimes the biggest problems start with the best of intentions by folks who don’t know better, but then there are the bad actors that can intentionally cause havoc. Let’s start out with some examples of what can happen when the least privilege is not observed in Kubernetes. Once you know that you need a solution, let’s look at how to achieve it. In this session, we will look at a number of solutions to this very real problem. By the end of our time, you will have an actionable plan to get everything in order and reduce your attack surface by a considerable amount.
Matt Williams is the Evangelist at InfraHQ, Emcee for DevOps Days Seattle, and a former organizer of DevOps Days Boston and Serverless Days Boston. He is passionate about the power of Kubernetes and other infrastructure tools. So he speaks and writes about all the DevOps things with Infra. When he's not on the road or talking on Zoom/Twitch/YouTube, he's coding. You can find Matt on Twitter at @Technovangelist.