Safety or Usability: Why Not Both? Towards Referential Auth in Kubernetes

Explore the critical balance between safety and usability in Kubernetes clusters through this informative conference talk. Delve into the vulnerabilities of essential tooling, such as Ingress and Gateway controllers, and discover how new authorization APIs can mitigate future CVEs while enabling innovative reference patterns. Learn about the historical context of these security challenges, including past stop-gap solutions, and gain insights into proposed changes for enhanced cluster security. Acquire clear guidelines for limiting unnecessary access to cluster components and maintaining robust security measures. Understand how to contribute to the development of future Kubernetes APIs by providing early feedback during the active development phase. This presentation offers valuable knowledge for Kubernetes administrators and developers seeking to optimize both the safety and functionality of their cloud-native environments.

Safety or Usability: Why Not Both? Towards Referential Auth in K8s - Rob Scott, Google & Mo Khan