Security

In this session, we will discuss architectural concerns regarding security. How do microservices communicate securely with one another? What are some of the checklist items that you need?

There are multiple elements to Kubernetes where each component seems like a character in a book, pods, services, deployments, secrets, jobs, config maps, and more. In this presentation, we just focus on the security aspect of Kubernetes and the components involved. Particularly centered around RBAC and ServiceAccounts. What they are, what they do. We discuss etcd and secrets. We will also discuss other options for security in Kubernetes.

Hashicorp Vault stores encrypted secrets securely. You can store anything that you want into Vault including API keys, passwords, and certificates. Vault can also store dynamic secrets where it can negotiate with a cloud service on your behalf without direct interaction with your API keys. Hashicorp Vault is well thought out "bank" of information that handles storage, encryption, leasing, sealing.