Sign up to save your podcasts
Or
Share Putting Workload Identity to Work: Taking SPIFFE past day 0 (Dave Sudia)
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Putting Workload Identity to Work: Taking SPIFFE past day 0 (Dave Sudia)
https://youtu.be/oHlPGzpFT_c
Speaker: Dave SudiaDave Sudia went from Platform Engineering to Product Engineering; in both roles he has had to stand up infrastructure in repeatable but constantly evolving architectures, taking into account usability, security, and scalability. He is the world's biggest fan of Infrastructure-as-Code. By day you'll find him enabling developers to do their best work and by night you'll find him hanging with his kid, whose hobbies are now Dave's hobbies.Talk:With the rise in popularity of open-source standards and tools like SPIFFE and SPIRE, it’s never been easier to get off the ground with issuing all your workloads a flexible cryptographic identity.But this is just the start of your workload identity journey! The real challenge begins in putting these identities to work in your infrastructure in replacing legacy authentication mechanisms such as long-lived shared secrets. It’s difficult to know where to get started.This talk will:Briefly outline SPIFFE and Workload IdentityExplore the options for using SPIFFE for authentication and authorization, with a focus on techniques appropriate for existing infrastructureDive into a handful of practical examples of introducing SPIFFE-based authentication between legacy services, and, between legacy services and Cloud APIsDescribe higher-level strategies for rolling out workload identity in an organization, based on experience helping large organizations approach this work
View all episodes
By Fwd:cloudsechttps://youtu.be/oHlPGzpFT_c
Speaker: Dave SudiaDave Sudia went from Platform Engineering to Product Engineering; in both roles he has had to stand up infrastructure in repeatable but constantly evolving architectures, taking into account usability, security, and scalability. He is the world's biggest fan of Infrastructure-as-Code. By day you'll find him enabling developers to do their best work and by night you'll find him hanging with his kid, whose hobbies are now Dave's hobbies.Talk:With the rise in popularity of open-source standards and tools like SPIFFE and SPIRE, it’s never been easier to get off the ground with issuing all your workloads a flexible cryptographic identity.But this is just the start of your workload identity journey! The real challenge begins in putting these identities to work in your infrastructure in replacing legacy authentication mechanisms such as long-lived shared secrets. It’s difficult to know where to get started.This talk will:Briefly outline SPIFFE and Workload IdentityExplore the options for using SPIFFE for authentication and authorization, with a focus on techniques appropriate for existing infrastructureDive into a handful of practical examples of introducing SPIFFE-based authentication between legacy services, and, between legacy services and Cloud APIsDescribe higher-level strategies for rolling out workload identity in an organization, based on experience helping large organizations approach this work