CloudNative/Kubernetes Karlsruhe

Temperatures rise faster than the VPA (vertical pool autoscaler) can follow 🥵 Grab a cold drink, sit down and mute your alerts (or double it and pass it to the next person): It's time for the Cloud Native Summer Edition

📣 CALL FOR SPEAKER

Do you have a topic/adventure to share with fellow cloud natives? Or do you want to research and give a talk, but just don't know about what?

Let us know! We can also help you with ideas and feedback.

Email to "alex (at) codesphere (dot) com"

🐾 Secure and Seamless Communication for Technical Users with Workload Identities

Single Sign-On is the most convenient method for users to access systems. However, technical integrations often still use static credentials for each service, like access keys for hyperscaler accounts or tokens for other services. As distributed systems become the norm, developers are frequently required to manually distribute technical user credentials, update them, and maintain their security. This process often involves tedious manual work and has a high potential for errors.

In this session, we will introduce you to workload identities and the OpenID Connect (OIDC) protocol, already supported by several platforms including Kubernetes, several hyperscalers, GitHub Actions, Hashicorp Vault and many more. By leveraging this technology, you can eliminate the need for manual credential management. Following an overview of the technology, we will showcase hands-on examples and demonstrations on how to eliminate long-lived credentials for hyperscalers, pull container images from private registries, interact with Kubernetes clusters, and deploy applications.